[Qemu-devel] trace: timestamps, core IDs, and file creation

[Hollis Blanchard]

Hi Stefan, I've been starting to use qemu tracing and found it quite 
useful. I have a couple comments about the trace events in general:


The event timestamps are host time (get_clock()). I'm correlating qemu 
events with other logs (using icount), so host time is unhelpful. Could 
we use cpu_get_clock() instead? (Trace events are used in other tools 
like qemu-io, where guest time doesn't exist, and there we could 
continue to use get_clock().)


When trying to understand multi-core guest behavior, it's pretty 
important to know which core is performing the traced action (e.g. 
MMIO). Would it make sense to automatically embed the core index, like 
the timestamp, or do you think it should be encoded in each individual 
tracepoint?


Right now, the simple tracepoint backend creates a trace file even when 
no events are active and no -trace options are present. Compounding the 
situation, omitting "-trace file=foo" results in the directory being 
littered with trace- files... could we create the file only when 
tracing is activated? And maybe with a more predictable name?


--
Hollis Blanchard
Mentor Graphics Emulation Division

Re: [Qemu-devel] [PATCH v1 05/15] crypto: add block encryption framework

[Eric Blake]

On 01/12/2016 11:56 AM, Daniel P. Berrange wrote:
> Add a generic framework for support different block encryption
> formats. Upon instantiating a QCryptoBlock object, it will read
> the encryption header and extract the encryption keys. It is
> then possible to call methods to encrypt/decrypt data buffers.
> 
> There is also a mode whereby it will create/initialize a new
> encryption header on a previously unformatted volume.
> 
> The initial framework comes with support for the legacy QCow
> AES based encryption. This enables code in the QCow driver to
> be consolidated later.
> 
> Signed-off-by: Daniel P. Berrange 
> ---

> +++ b/qapi/crypto.json
> @@ -94,3 +94,68 @@
>  { 'enum': 'QCryptoIVGenAlgorithm',
>'prefix': 'QCRYPTO_IVGEN_ALG',
>'data': ['plain', 'plain64', 'essiv']}
> +
> +##
> +# QCryptoBlockFormat:
> +#
> +# The supported full disk encryption formats
> +#
> +# @qcowaes: QCow/QCow2 built-in AES-CBC encryption. Do not use
> +#

Well, the only reason to use it would be to read data off an old
insecurely-encrypted qcow2 file; so maybe it should read "Do not use on
new files"

> +# Since: 2.6
> +##
> +{ 'enum': 'QCryptoBlockFormat',
> +#  'prefix': 'QCRYPTO_BLOCK_FORMAT',
> +  'data': ['qcowaes']}

Would 'qcow-aes' be any easier to read?

> +
> +##
> +# QCryptoBlockOptionsBase:
> +#
> +# The common options that apply to all full disk
> +# encryption formats
> +#
> +# @format: the encryption format
> +#
> +# Since: 2.6
> +##
> +{ 'struct': 'QCryptoBlockOptionsBase',
> +  'data': { 'format': 'QCryptoBlockFormat' }}

My pending series to add anonymous flat union base types can simplify
this a bit; I've added it to my list of cleanups that are awaiting merge
of my code.

-- 
Eric Blake   eblake redhat com+1-919-301-3266
Libvirt virtualization library http://libvirt.org



signature.asc
Description: OpenPGP digital signature

[Qemu-devel] [PATCH 4/4] pc: set the OEM fields in the RSDT and the FADT from the SLIC

[Laszlo Ersek]

The Microsoft spec about the SLIC and MSDM ACPI tables at
 requires the OEM ID and
OEM Table ID fields to be consistent between the SLIC and the RSDT/XSDT.
That further affects the FADT, because a similar match between the FADT
and the RSDT/XSDT is required by the ACPI spec in general.

The stashed SLIC OEM identifiers can be ignored with the new

  -machine heed-slic-oem=no

option.

Cc: "Michael S. Tsirkin"  (supporter:ACPI/SMBIOS)
Cc: Igor Mammedov  (supporter:ACPI/SMBIOS)
Cc: Paolo Bonzini  (maintainer:X86)
Cc: Richard W.M. Jones 
Cc: Aleksei Kovura 
Cc: Michael Tokarev 
RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1248758
Signed-off-by: Laszlo Ersek 
---
 include/hw/i386/pc.h |  2 ++
 hw/i386/acpi-build.c | 22 ++
 hw/i386/pc.c | 19 +++
 qemu-options.hx  | 10 +-
 4 files changed, 48 insertions(+), 5 deletions(-)

diff --git a/include/hw/i386/pc.h b/include/hw/i386/pc.h
index 588a33c..a762c29 100644
--- a/include/hw/i386/pc.h
+++ b/include/hw/i386/pc.h
@@ -56,6 +56,7 @@ struct PCMachineState {
 OnOffAuto vmport;
 OnOffAuto smm;
 bool nvdimm;
+bool heed_slic_oem;
 
 /* RAM information (sizes, addresses, configuration): */
 ram_addr_t below_4g_mem_size, above_4g_mem_size;
@@ -67,6 +68,7 @@ struct PCMachineState {
 #define PC_MACHINE_VMPORT   "vmport"
 #define PC_MACHINE_SMM  "smm"
 #define PC_MACHINE_NVDIMM   "nvdimm"
+#define PC_MACHINE_HEED_SLIC_OEM"heed-slic-oem"
 
 /**
  * PCMachineClass:
diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 6408362..cf2aafc 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -337,7 +337,8 @@ static void fadt_setup(AcpiFadtDescriptorRev1 *fadt, 
AcpiPmInfo *pm)
 /* FADT */
 static void
 build_fadt(GArray *table_data, GArray *linker, AcpiPmInfo *pm,
-   unsigned facs, unsigned dsdt)
+   unsigned facs, unsigned dsdt,
+   const char *oem_id, const char *oem_table_id)
 {
 AcpiFadtDescriptorRev1 *fadt = acpi_data_push(table_data, sizeof(*fadt));
 
@@ -358,7 +359,7 @@ build_fadt(GArray *table_data, GArray *linker, AcpiPmInfo 
*pm,
 fadt_setup(fadt, pm);
 
 build_header(linker, table_data,
- (void *)fadt, "FACP", sizeof(*fadt), 1, NULL, NULL);
+ (void *)fadt, "FACP", sizeof(*fadt), 1, oem_id, oem_table_id);
 }
 
 static void
@@ -2621,6 +2622,17 @@ void acpi_build(PcGuestInfo *guest_info, AcpiBuildTables 
*tables)
 uint8_t *u;
 size_t aml_len = 0;
 GArray *tables_blob = tables->table_data;
+char *slic_oem_id = NULL;
+char *slic_oem_table_id = NULL;
+PCMachineState *pcms = PC_MACHINE(qdev_get_machine());
+bool heed_slic_oem = object_property_get_bool(OBJECT(pcms),
+  PC_MACHINE_HEED_SLIC_OEM,
+  _abort);
+
+if (heed_slic_oem) {
+slic_oem_id = acpi_slic_oem_id;
+slic_oem_table_id = acpi_slic_oem_table_id;
+}
 
 acpi_get_cpu_info();
 acpi_get_pm_info();
@@ -2654,7 +2666,8 @@ void acpi_build(PcGuestInfo *guest_info, AcpiBuildTables 
*tables)
 
 /* ACPI tables pointed to by RSDT */
 acpi_add_table(table_offsets, tables_blob);
-build_fadt(tables_blob, tables->linker, , facs, dsdt);
+build_fadt(tables_blob, tables->linker, , facs, dsdt,
+   slic_oem_id, slic_oem_table_id);
 
 ssdt = tables_blob->len;
 acpi_add_table(table_offsets, tables_blob);
@@ -2705,7 +2718,8 @@ void acpi_build(PcGuestInfo *guest_info, AcpiBuildTables 
*tables)
 
 /* RSDT is pointed to by RSDP */
 rsdt = tables_blob->len;
-build_rsdt(tables_blob, tables->linker, table_offsets, NULL, NULL);
+build_rsdt(tables_blob, tables->linker, table_offsets,
+   slic_oem_id, slic_oem_table_id);
 
 /* RSDP is in FSEG memory, so allocate it separately */
 build_rsdp(tables->rsdp, tables->linker, rsdt);
diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index c36b8cf..3e7a72a 100644
--- a/hw/i386/pc.c
+++ b/hw/i386/pc.c
@@ -1887,6 +1887,20 @@ static void pc_machine_set_nvdimm(Object *obj, bool 
value, Error **errp)
 pcms->nvdimm = value;
 }
 
+static bool pc_machine_get_heed_slic_oem(Object *obj, Error **errp)
+{
+PCMachineState *pcms = PC_MACHINE(obj);
+
+return pcms->heed_slic_oem;
+}
+
+static void pc_machine_set_heed_slic_oem(Object *obj, bool value, Error **errp)
+{
+PCMachineState *pcms = PC_MACHINE(obj);
+
+pcms->heed_slic_oem = value;
+}
+
 static void pc_machine_initfn(Object *obj)
 {
 PCMachineState *pcms = PC_MACHINE(obj);
@@ -1926,6 +1940,11 @@ static void pc_machine_initfn(Object *obj)
 pcms->nvdimm = false;
 object_property_add_bool(obj, PC_MACHINE_NVDIMM, pc_machine_get_nvdimm,
  

[Qemu-devel] [Bug 1533848] [NEW] A workaround for Windows 7 ACPI SLIC table behavior when used with OVMF

[Aleksei Kovura]

Public bug reported:

When OVMF is used, Windows 7 refuses to read SLIC ACPI table, passed via
-acpitable option, because it expects oem id and oem table id to match
in SLIC, XSDT, RSDT, FADT. There's a detailed discussion here:
https://bugzilla.redhat.com/show_bug.cgi?id=1248758

** Affects: qemu
 Importance: Undecided
 Status: New

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1533848

Title:
  A workaround for Windows 7 ACPI SLIC table behavior when used with
  OVMF

Status in QEMU:
  New

Bug description:
  When OVMF is used, Windows 7 refuses to read SLIC ACPI table, passed
  via -acpitable option, because it expects oem id and oem table id to
  match in SLIC, XSDT, RSDT, FADT. There's a detailed discussion here:
  https://bugzilla.redhat.com/show_bug.cgi?id=1248758

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1533848/+subscriptions

Re: [Qemu-devel] [PATCH v2 1/2] blockdev: Error out on negative throttling option values

[Fam Zheng]

On Wed, 01/13 12:13, Alberto Garcia wrote:
> On Wed 13 Jan 2016 12:02:00 PM CET, Fam Zheng wrote:
> 
> >> > Check the number range so this case is catched and reported.
> >> 
> >> I still don't know why qemu_opt_get_number() convert silently
> >> negative numbers into positive ones, shouldn't it just fail with an
> >> "invalid parameter" error?
> >
> > Because the parsing is done with strtoull(3) and unfortunately its man
> > page says "negative values are considered valid input and are silently
> > converted to the equivalent unsigned long int value."
> 
> I see... parse_uint() from cutils.c handles that by making an explicit
> check for negative numbers. It probably makes sense to apply the same
> solution (or even merge the code to the extent to which it's possible).
> 
> I also noticed that there's a couple of places where we're calling
> qemu_opt_get_number() passing -1 as default value, so maybe that API
> needs to be reviewed anyway.

Those callers rely on casting preserves the MSB as the sign, but that's ugly.
Anyway I'd leave the API change for a separate series and keep this patch local
to fix this particular regression. :)

Fam

[Qemu-devel] [PATCH v3 0/2] block: Reject negative values for throttling options

[Fam Zheng]

v3: Address comments:
- Add test for large value; [Berto]
- Fix typos "negative" & "caught"; [Eric, Berto]
- Use "LL" suffix to the upper limit constant. [Berto]

v2: Check the value range and report an appropriate error. [Berto]

Now the negative values are silently converted to a huge positive number
because we are doing implicit casting from uint64_t to double. Fix it and add a
test case (this was once fixed in 7d81c1413c9 but regressed when the block
device option parsing code was changed).


Fam Zheng (2):
  blockdev: Error out on negative throttling option values
  iotests: Test that negative and large throttle values are rejected

 blockdev.c|  3 ++-
 include/qemu/throttle.h   |  2 ++
 tests/qemu-iotests/051| 12 
 tests/qemu-iotests/051.out| 24 
 tests/qemu-iotests/051.pc.out | 24 
 util/throttle.c   | 16 ++--
 6 files changed, 70 insertions(+), 11 deletions(-)

-- 
2.4.3

[Qemu-devel] [PATCH v3 1/2] blockdev: Error out on negative throttling option values

[Fam Zheng]

The implicit casting from unsigned int to double changes negative values
into large positive numbers and accepts them.  We should instead print
an error.

Check the number range so this case is caught and reported.

Signed-off-by: Fam Zheng 
---
 blockdev.c  |  3 ++-
 include/qemu/throttle.h |  2 ++
 util/throttle.c | 16 ++--
 3 files changed, 10 insertions(+), 11 deletions(-)

diff --git a/blockdev.c b/blockdev.c
index 2df0c6d..1afef87 100644
--- a/blockdev.c
+++ b/blockdev.c
@@ -348,7 +348,8 @@ static bool check_throttle_config(ThrottleConfig *cfg, 
Error **errp)
 }
 
 if (!throttle_is_valid(cfg)) {
-error_setg(errp, "bps/iops/maxs values must be 0 or greater");
+error_setg(errp, "bps/iops/maxs values must be within [0, %" PRId64
+ ")", (int64_t)THROTTLE_VALUE_MAX);
 return false;
 }
 
diff --git a/include/qemu/throttle.h b/include/qemu/throttle.h
index 12faaad..d0c98ed 100644
--- a/include/qemu/throttle.h
+++ b/include/qemu/throttle.h
@@ -29,6 +29,8 @@
 #include "qemu-common.h"
 #include "qemu/timer.h"
 
+#define THROTTLE_VALUE_MAX 1000LL
+
 typedef enum {
 THROTTLE_BPS_TOTAL,
 THROTTLE_BPS_READ,
diff --git a/util/throttle.c b/util/throttle.c
index 1113671..af4bc95 100644
--- a/util/throttle.c
+++ b/util/throttle.c
@@ -282,22 +282,18 @@ bool throttle_conflicting(ThrottleConfig *cfg)
  */
 bool throttle_is_valid(ThrottleConfig *cfg)
 {
-bool invalid = false;
 int i;
 
 for (i = 0; i < BUCKETS_COUNT; i++) {
-if (cfg->buckets[i].avg < 0) {
-invalid = true;
+if (cfg->buckets[i].avg < 0 ||
+cfg->buckets[i].max < 0 ||
+cfg->buckets[i].avg > THROTTLE_VALUE_MAX ||
+cfg->buckets[i].max > THROTTLE_VALUE_MAX) {
+return false;
 }
 }
 
-for (i = 0; i < BUCKETS_COUNT; i++) {
-if (cfg->buckets[i].max < 0) {
-invalid = true;
-}
-}
-
-return !invalid;
+return true;
 }
 
 /* check if bps_max/iops_max is used without bps/iops
-- 
2.4.3

[Qemu-devel] [PATCH v3 2/2] iotests: Test that negative and large throttle values are rejected

[Fam Zheng]

Signed-off-by: Fam Zheng 
---
 tests/qemu-iotests/051| 12 
 tests/qemu-iotests/051.out| 24 
 tests/qemu-iotests/051.pc.out | 24 
 3 files changed, 60 insertions(+)

diff --git a/tests/qemu-iotests/051 b/tests/qemu-iotests/051
index d91f80b..cdf72d4 100755
--- a/tests/qemu-iotests/051
+++ b/tests/qemu-iotests/051
@@ -263,6 +263,18 @@ run_qemu -drive 
file="$TEST_IMG",iops_size=1234,throttling.iops-size=5678
 run_qemu -drive file="$TEST_IMG",readonly=on,read-only=off
 
 echo
+echo === Catching negative/large throttling values ===
+echo
+
+run_qemu -drive file="$TEST_IMG",iops=-1
+run_qemu -drive file="$TEST_IMG",bps=-2
+run_qemu -drive file="$TEST_IMG",bps_rd=-3
+run_qemu -drive file="$TEST_IMG",bps_rd_max=-3
+run_qemu -drive file="$TEST_IMG",throttling.iops-total=-4
+run_qemu -drive file="$TEST_IMG",throttling.bps-total=-5
+run_qemu -drive file="$TEST_IMG",bps=1001
+
+echo
 echo === Parsing protocol from file name ===
 echo
 
diff --git a/tests/qemu-iotests/051.out b/tests/qemu-iotests/051.out
index bf886ce..efbb39c 100644
--- a/tests/qemu-iotests/051.out
+++ b/tests/qemu-iotests/051.out
@@ -285,6 +285,30 @@ Testing: -drive 
file=TEST_DIR/t.qcow2,readonly=on,read-only=off
 QEMU_PROG: -drive file=TEST_DIR/t.qcow2,readonly=on,read-only=off: 'read-only' 
and its alias 'readonly' can't be used at the same time
 
 
+=== Catching negative/large throttling values ===
+
+Testing: -drive file=TEST_DIR/t.qcow2,iops=-1
+QEMU_PROG: -drive file=TEST_DIR/t.qcow2,iops=-1: bps/iops/maxs values must be 
within [0, 1000)
+
+Testing: -drive file=TEST_DIR/t.qcow2,bps=-2
+QEMU_PROG: -drive file=TEST_DIR/t.qcow2,bps=-2: bps/iops/maxs values must be 
within [0, 1000)
+
+Testing: -drive file=TEST_DIR/t.qcow2,bps_rd=-3
+QEMU_PROG: -drive file=TEST_DIR/t.qcow2,bps_rd=-3: bps/iops/maxs values must 
be within [0, 1000)
+
+Testing: -drive file=TEST_DIR/t.qcow2,bps_rd_max=-3
+QEMU_PROG: -drive file=TEST_DIR/t.qcow2,bps_rd_max=-3: bps/iops/maxs values 
must be within [0, 1000)
+
+Testing: -drive file=TEST_DIR/t.qcow2,throttling.iops-total=-4
+QEMU_PROG: -drive file=TEST_DIR/t.qcow2,throttling.iops-total=-4: 
bps/iops/maxs values must be within [0, 1000)
+
+Testing: -drive file=TEST_DIR/t.qcow2,throttling.bps-total=-5
+QEMU_PROG: -drive file=TEST_DIR/t.qcow2,throttling.bps-total=-5: bps/iops/maxs 
values must be within [0, 1000)
+
+Testing: -drive file=TEST_DIR/t.qcow2,bps=1001
+QEMU_PROG: -drive file=TEST_DIR/t.qcow2,bps=1001: bps/iops/maxs 
values must be within [0, 1000)
+
+
 === Parsing protocol from file name ===
 
 Testing: -hda foo:bar
diff --git a/tests/qemu-iotests/051.pc.out b/tests/qemu-iotests/051.pc.out
index a5dfc33..0cb1506 100644
--- a/tests/qemu-iotests/051.pc.out
+++ b/tests/qemu-iotests/051.pc.out
@@ -379,6 +379,30 @@ Testing: -drive 
file=TEST_DIR/t.qcow2,readonly=on,read-only=off
 QEMU_PROG: -drive file=TEST_DIR/t.qcow2,readonly=on,read-only=off: 'read-only' 
and its alias 'readonly' can't be used at the same time
 
 
+=== Catching negative/large throttling values ===
+
+Testing: -drive file=TEST_DIR/t.qcow2,iops=-1
+QEMU_PROG: -drive file=TEST_DIR/t.qcow2,iops=-1: bps/iops/maxs values must be 
within [0, 1000)
+
+Testing: -drive file=TEST_DIR/t.qcow2,bps=-2
+QEMU_PROG: -drive file=TEST_DIR/t.qcow2,bps=-2: bps/iops/maxs values must be 
within [0, 1000)
+
+Testing: -drive file=TEST_DIR/t.qcow2,bps_rd=-3
+QEMU_PROG: -drive file=TEST_DIR/t.qcow2,bps_rd=-3: bps/iops/maxs values must 
be within [0, 1000)
+
+Testing: -drive file=TEST_DIR/t.qcow2,bps_rd_max=-3
+QEMU_PROG: -drive file=TEST_DIR/t.qcow2,bps_rd_max=-3: bps/iops/maxs values 
must be within [0, 1000)
+
+Testing: -drive file=TEST_DIR/t.qcow2,throttling.iops-total=-4
+QEMU_PROG: -drive file=TEST_DIR/t.qcow2,throttling.iops-total=-4: 
bps/iops/maxs values must be within [0, 1000)
+
+Testing: -drive file=TEST_DIR/t.qcow2,throttling.bps-total=-5
+QEMU_PROG: -drive file=TEST_DIR/t.qcow2,throttling.bps-total=-5: bps/iops/maxs 
values must be within [0, 1000)
+
+Testing: -drive file=TEST_DIR/t.qcow2,bps=1001
+QEMU_PROG: -drive file=TEST_DIR/t.qcow2,bps=1001: bps/iops/maxs 
values must be within [0, 1000)
+
+
 === Parsing protocol from file name ===
 
 Testing: -hda foo:bar
-- 
2.4.3

Re: [Qemu-devel] [PATCH v2 1/2] blockdev: Error out on negative throttling option values

[Eric Blake]

On 01/13/2016 03:17 AM, Alberto Garcia wrote:
> On Wed 13 Jan 2016 01:52:29 AM CET, Fam Zheng wrote:
> 
>> The implicit casting from unsigned int to double changes negative values
>> into large positive numbers and accepts them.  We should instead print
>> an error.
>>
>> Check the number range so this case is catched and reported.

s/catched/caught/

> 
> I still don't know why qemu_opt_get_number() convert silently negative
> numbers into positive ones, shouldn't it just fail with an "invalid
> parameter" error?

Passing -1 as a synonym for ULLONG_MAX can be convenient.  But rejecting
it outright rather than doing wraparound wouldn't hurt libvirt too badly.

> 
>> +#define THROTTLE_VALUE_MAX 1000L
> 
> This is larger than LONG_MAX in 32-bit systems, I don't know if you need
> to use LL instead.

You do need LL, not for C99, but for older compilers (hello mingw).

-- 
Eric Blake   eblake redhat com+1-919-301-3266
Libvirt virtualization library http://libvirt.org



signature.asc
Description: OpenPGP digital signature

Re: [Qemu-devel] [PATCH v14 0/8] Block replication for continuous checkpoints

[Changlong Xie]

It seems i missed someone in CC list, add them.

Thanks
-Xie

On 01/13/2016 05:18 PM, Changlong Xie wrote:

Block replication is a very important feature which is used for
continuous checkpoints(for example: COLO).

You can get the detailed information about block replication from here:
http://wiki.qemu.org/Features/BlockReplication

Usage:
Please refer to docs/block-replication.txt

This patch series is based on the following patch series:
1. http://lists.nongnu.org/archive/html/qemu-devel/2015-12/msg04570.html

You can get the patch here:
https://github.com/Pating/qemu/tree/changlox/block-replication-v14

You can get the patch with framework here:
https://github.com/Pating/qemu/tree/changlox/colo_framework_v13

TODO:
1. Continuous block replication. It will be started after basic functions
are accepted.

Changs Log:
V14:
1. Implement auto complete active commit
2. Implement active commit block job for replication.c
3. Address the comments from Stefan, add replication-specific API and data
structure, also remove old block layer APIs
V13:
1. Rebase to the newest codes
2. Remove redundant marcos and semicolon in replication.c
3. Fix typos in block-replication.txt
V12:
1. Rebase to the newest codes
2. Use backing reference to replcace 'allow-write-backing-file'
V11:
1. Reopen the backing file when starting blcok replication if it is not
opened in R/W mode
2. Unblock BLOCK_OP_TYPE_BACKUP_SOURCE and BLOCK_OP_TYPE_BACKUP_TARGET
when opening backing file
3. Block the top BDS so there is only one block job for the top BDS and
its backing chain.
V10:
1. Use blockdev-remove-medium and blockdev-insert-medium to replace backing
reference.
2. Address the comments from Eric Blake
V9:
1. Update the error messages
2. Rebase to the newest qemu
3. Split child add/delete support. These patches are sent in another patchset.
V8:
1. Address Alberto Garcia's comments
V7:
1. Implement adding/removing quorum child. Remove the option non-connect.
2. Simplify the backing refrence option according to Stefan Hajnoczi's 
suggestion
V6:
1. Rebase to the newest qemu.
V5:
1. Address the comments from Gong Lei
2. Speed the failover up. The secondary vm can take over very quickly even
if there are too many I/O requests.
V4:
1. Introduce a new driver replication to avoid touch nbd and qcow2.
V3:
1: use error_setg() instead of error_set()
2. Add a new block job API
3. Active disk, hidden disk and nbd target uses the same AioContext
4. Add a testcase to test new hbitmap API
V2:
1. Redesign the secondary qemu(use image-fleecing)
2. Use Error objects to return error message
3. Address the comments from Max Reitz and Eric Blake

Wen Congyang (8):
   unblock backup operations in backing file
   Store parent BDS in BdrvChild
   Backup: clear all bitmap when doing block checkpoint
   Allow creating backup jobs when opening BDS
   docs: block replication's description
   auto complete active commit
   Implement new driver for block replication
   support replication driver in blockdev-add

  block.c  |  19 ++
  block/Makefile.objs  |   3 +-
  block/backup.c   |  14 +
  block/mirror.c   |  13 +-
  block/replication-comm.c |  66 +
  block/replication.c  | 590 +++
  blockdev.c   |   2 +-
  blockjob.c   |  11 +
  docs/block-replication.txt   | 229 +++
  include/block/block_int.h|   4 +-
  include/block/blockjob.h |  12 +
  include/block/replication-comm.h |  50 
  qapi/block-core.json |  33 ++-
  qemu-img.c   |   2 +-
  14 files changed, 1038 insertions(+), 10 deletions(-)
  create mode 100644 block/replication-comm.c
  create mode 100644 block/replication.c
  create mode 100644 docs/block-replication.txt
  create mode 100644 include/block/replication-comm.h

[Qemu-devel] [PATCH 3/4] acpi: stash the OEM ID and OEM Table ID fields from an external SLIC table

[Laszlo Ersek]

The SLIC table is not generated by QEMU. If the user specifies an external
one however, then board-specific code might want to adapt other,
auto-generated tables to it. This patch saves the OEM ID and OEM Table ID
fields from the SLIC, and leaves the actual utilization to board code (the
next patch).

Cc: "Michael S. Tsirkin"  (supporter:ACPI/SMBIOS)
Cc: Igor Mammedov  (supporter:ACPI/SMBIOS)
Cc: Richard W.M. Jones 
Cc: Aleksei Kovura 
Cc: Michael Tokarev 
RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1248758
Signed-off-by: Laszlo Ersek 
---
 include/hw/acpi/acpi.h |  2 ++
 hw/acpi/core.c | 18 ++
 2 files changed, 20 insertions(+)

diff --git a/include/hw/acpi/acpi.h b/include/hw/acpi/acpi.h
index b20bd55..407197a 100644
--- a/include/hw/acpi/acpi.h
+++ b/include/hw/acpi/acpi.h
@@ -189,6 +189,8 @@ void acpi_update_sci(ACPIREGS *acpi_regs, qemu_irq irq);
 extern int acpi_enabled;
 extern char unsigned *acpi_tables;
 extern size_t acpi_tables_len;
+extern char *acpi_slic_oem_id;
+extern char *acpi_slic_oem_table_id;
 
 uint8_t *acpi_table_first(void);
 uint8_t *acpi_table_next(uint8_t *current);
diff --git a/hw/acpi/core.c b/hw/acpi/core.c
index 21e113d..7046035 100644
--- a/hw/acpi/core.c
+++ b/hw/acpi/core.c
@@ -54,6 +54,8 @@ static const char unsigned dfl_hdr[ACPI_TABLE_HDR_SIZE - 
ACPI_TABLE_PFX_SIZE] =
 
 char unsigned *acpi_tables;
 size_t acpi_tables_len;
+char *acpi_slic_oem_id;
+char *acpi_slic_oem_table_id;
 
 static QemuOptsList qemu_acpi_opts = {
 .name = "acpi",
@@ -227,6 +229,22 @@ static void acpi_table_install(const char unsigned *blob, 
size_t bloblen,
 /* recalculate checksum */
 ext_hdr->checksum = acpi_checksum((const char unsigned *)ext_hdr +
   ACPI_TABLE_PFX_SIZE, acpi_payload_size);
+
+/* If the table signature is SLIC, stash the OEM ID and OEM Table ID
+ * fields, so we can later adapt the RSDT and the FADT.
+ */
+if (memcmp(ext_hdr->sig, "SLIC", 4) == 0) {
+g_free(acpi_slic_oem_id);
+acpi_slic_oem_id = g_malloc(sizeof ext_hdr->oem_id + 1);
+memcpy(acpi_slic_oem_id, ext_hdr->oem_id, sizeof ext_hdr->oem_id);
+acpi_slic_oem_id[sizeof ext_hdr->oem_id] = '\0';
+
+g_free(acpi_slic_oem_table_id);
+acpi_slic_oem_table_id = g_malloc(sizeof ext_hdr->oem_table_id + 1);
+memcpy(acpi_slic_oem_table_id, ext_hdr->oem_table_id,
+   sizeof ext_hdr->oem_table_id);
+acpi_slic_oem_table_id[sizeof ext_hdr->oem_table_id] = '\0';
+}
 }
 
 void acpi_table_add(const QemuOpts *opts, Error **errp)
-- 
1.8.3.1

Re: [Qemu-devel] [PATCH 2/2] net: netmap: avoid mmap() when ports use the same shared memory area

[Jason Wang]

On 01/08/2016 09:15 PM, Vincenzo Maffione wrote:
> With this patch, nm_open() does not mmap() the netmap device. This
> operation is performed separately only if the memory area of the
> port just opened was not known before.
> A global list of netmap clients is kept to check when matches
> occur.
>
> Signed-off-by: Vincenzo Maffione 
> ---
>  net/netmap.c | 38 +-
>  1 file changed, 37 insertions(+), 1 deletion(-)
>
> diff --git a/net/netmap.c b/net/netmap.c
> index 27295ab..6a4c01c 100644
> --- a/net/netmap.c
> +++ b/net/netmap.c
> @@ -49,8 +49,12 @@ typedef struct NetmapState {
>  boolwrite_poll;
>  struct ioveciov[IOV_MAX];
>  int vnet_hdr_len;  /* Current virtio-net header length. 
> */
> +QTAILQ_ENTRY(NetmapState) next;
>  } NetmapState;
>  
> +static QTAILQ_HEAD(, NetmapState) netmap_clients =
> +   QTAILQ_HEAD_INITIALIZER(netmap_clients);
> +
>  #ifndef __FreeBSD__
>  #define pkt_copy bcopy
>  #else
> @@ -78,6 +82,23 @@ pkt_copy(const void *_src, void *_dst, int l)
>  #endif /* __FreeBSD__ */
>  
>  /*
> + * find nm_desc parent with same allocator
> + */
> +static struct nm_desc *
> +netmap_find_memory(struct nm_desc *nmd)
> +{
> +NetmapState *s;
> +
> +QTAILQ_FOREACH(s, _clients, next) {
> +if (nmd->req.nr_arg2 == s->nmd->req.nr_arg2) {
> +return s->nmd;
> +}
> +}
> +
> +return NULL;
> +}
> +
> +/*
>   * Open a netmap device. We assume there is only one queue
>   * (which is the case for the VALE bridge).
>   */
> @@ -86,10 +107,11 @@ static struct nm_desc *netmap_open(const 
> NetdevNetmapOptions *nm_opts,
>  {
>  struct nm_desc *nmd;
>  struct nmreq req;
> +int ret;
>  
>  memset(, 0, sizeof(req));
>  
> -nmd = nm_open(nm_opts->ifname, , NETMAP_NO_TX_POLL,
> +nmd = nm_open(nm_opts->ifname, , NETMAP_NO_TX_POLL | NM_OPEN_NO_MMAP,
>NULL);
>  if (nmd == NULL) {
>  error_setg_errno(errp, errno, "Failed to nm_open() %s",
> @@ -97,6 +119,17 @@ static struct nm_desc *netmap_open(const 
> NetdevNetmapOptions *nm_opts,
>  return NULL;
>  }
>  
> +/* Check if we already have a nm_desc that uses the same memory as the 
> one
> + * just opened, so that nm_mmap() can skip mmap() and inherit from 
> parent.
> + */
> +ret = nm_mmap(nmd, netmap_find_memory(nmd));

Looks like I could not find nm_mmap() definition in neither qemu or
freebsd source. Is there anything missed?

> +if (ret) {
> +error_setg_errno(errp, errno, "Failed to nm_mmap() %s",
> + nm_opts->ifname);
> +nm_close(nmd);
> +return NULL;
> +}
> +
>  return nmd;
>  }
>  
> @@ -321,6 +354,8 @@ static void netmap_cleanup(NetClientState *nc)
>  netmap_poll(nc, false);
>  nm_close(s->nmd);
>  s->nmd = NULL;
> +
> +QTAILQ_REMOVE(_clients, s, next);
>  }
>  
>  /* Offloading manipulation support callbacks. */
> @@ -423,6 +458,7 @@ int net_init_netmap(const NetClientOptions *opts,
>  s->rx = NETMAP_RXRING(nmd->nifp, 0);
>  s->vnet_hdr_len = 0;
>  pstrcpy(s->ifname, sizeof(s->ifname), netmap_opts->ifname);
> +QTAILQ_INSERT_TAIL(_clients, s, next);
>  netmap_read_poll(s, true); /* Initially only poll for reads. */
>  
>  return 0;

[Qemu-devel] [PATCH 1/4] acpi: take oem_id in build_header(), optionally

[Laszlo Ersek]

This patch is the continuation of commit 8870ca0e94f2 ("acpi: support
specified oem table id for build_header"). It will allow us to control the
OEM ID field too in the SDT header.

Cc: "Michael S. Tsirkin"  (supporter:ACPI/SMBIOS)
Cc: Igor Mammedov  (supporter:ACPI/SMBIOS)
Cc: Xiao Guangrong  (maintainer:NVDIMM)
Cc: Shannon Zhao  (maintainer:ARM ACPI Subsystem)
Cc: Paolo Bonzini  (maintainer:X86)
Cc: Richard W.M. Jones 
Cc: Aleksei Kovura 
Cc: Michael Tokarev 
RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1248758
Signed-off-by: Laszlo Ersek 
---
 include/hw/acpi/aml-build.h |  2 +-
 hw/acpi/aml-build.c | 11 ---
 hw/acpi/nvdimm.c|  4 ++--
 hw/arm/virt-acpi-build.c| 12 ++--
 hw/i386/acpi-build.c| 20 ++--
 5 files changed, 27 insertions(+), 22 deletions(-)

diff --git a/include/hw/acpi/aml-build.h b/include/hw/acpi/aml-build.h
index 6d6f705..c460bdd 100644
--- a/include/hw/acpi/aml-build.h
+++ b/include/hw/acpi/aml-build.h
@@ -357,7 +357,7 @@ Aml *aml_sizeof(Aml *arg);
 void
 build_header(GArray *linker, GArray *table_data,
  AcpiTableHeader *h, const char *sig, int len, uint8_t rev,
- const char *oem_table_id);
+ const char *oem_id, const char *oem_table_id);
 void *acpi_data_push(GArray *table_data, unsigned size);
 unsigned acpi_data_len(GArray *table);
 void acpi_add_table(GArray *table_offsets, GArray *table_data);
diff --git a/hw/acpi/aml-build.c b/hw/acpi/aml-build.c
index 78e1290..05b8bd0 100644
--- a/hw/acpi/aml-build.c
+++ b/hw/acpi/aml-build.c
@@ -1430,12 +1430,17 @@ Aml *aml_alias(const char *source_object, const char 
*alias_object)
 void
 build_header(GArray *linker, GArray *table_data,
  AcpiTableHeader *h, const char *sig, int len, uint8_t rev,
- const char *oem_table_id)
+ const char *oem_id, const char *oem_table_id)
 {
 memcpy(>signature, sig, 4);
 h->length = cpu_to_le32(len);
 h->revision = rev;
-memcpy(h->oem_id, ACPI_BUILD_APPNAME6, 6);
+
+if (oem_id) {
+strncpy((char *)h->oem_id, oem_id, sizeof h->oem_id);
+} else {
+memcpy(h->oem_id, ACPI_BUILD_APPNAME6, 6);
+}
 
 if (oem_table_id) {
 strncpy((char *)h->oem_table_id, oem_table_id, 
sizeof(h->oem_table_id));
@@ -1510,5 +1515,5 @@ build_rsdt(GArray *table_data, GArray *linker, GArray 
*table_offsets)
sizeof(uint32_t));
 }
 build_header(linker, table_data,
- (void *)rsdt, "RSDT", rsdt_len, 1, NULL);
+ (void *)rsdt, "RSDT", rsdt_len, 1, NULL, NULL);
 }
diff --git a/hw/acpi/nvdimm.c b/hw/acpi/nvdimm.c
index df1b176..73749aa 100644
--- a/hw/acpi/nvdimm.c
+++ b/hw/acpi/nvdimm.c
@@ -365,7 +365,7 @@ static void nvdimm_build_nfit(GSList *device_list, GArray 
*table_offsets,
 
 build_header(linker, table_data,
  (void *)(table_data->data + header), "NFIT",
- sizeof(NvdimmNfitHeader) + structures->len, 1, NULL);
+ sizeof(NvdimmNfitHeader) + structures->len, 1, NULL, NULL);
 g_array_free(structures, true);
 }
 
@@ -470,7 +470,7 @@ static void nvdimm_build_ssdt(GSList *device_list, GArray 
*table_offsets,
 g_array_append_vals(table_data, ssdt->buf->data, ssdt->buf->len);
 build_header(linker, table_data,
 (void *)(table_data->data + table_data->len - ssdt->buf->len),
-"SSDT", ssdt->buf->len, 1, "NVDIMM");
+"SSDT", ssdt->buf->len, 1, NULL, "NVDIMM");
 free_aml_allocator();
 }
 
diff --git a/hw/arm/virt-acpi-build.c b/hw/arm/virt-acpi-build.c
index 0caf5ce..6b5aa12 100644
--- a/hw/arm/virt-acpi-build.c
+++ b/hw/arm/virt-acpi-build.c
@@ -424,7 +424,7 @@ build_spcr(GArray *table_data, GArray *linker, 
VirtGuestInfo *guest_info)
 spcr->pci_vendor_id = 0x;  /* PCI Vendor ID: not a PCI device */
 
 build_header(linker, table_data, (void *)spcr, "SPCR", sizeof(*spcr), 2,
- NULL);
+ NULL, NULL);
 }
 
 static void
@@ -443,7 +443,7 @@ build_mcfg(GArray *table_data, GArray *linker, 
VirtGuestInfo *guest_info)
 mcfg->allocation[0].end_bus_number = (memmap[VIRT_PCIE_ECAM].size
   / PCIE_MMCFG_SIZE_MIN) - 1;
 
-build_header(linker, table_data, (void *)mcfg, "MCFG", len, 1, NULL);
+build_header(linker, table_data, (void *)mcfg, "MCFG", len, 1, NULL, NULL);
 }
 
 /* GTDT */
@@ -469,7 +469,7 @@ build_gtdt(GArray *table_data, GArray *linker)
 
 build_header(linker, table_data,
  (void *)(table_data->data + gtdt_start), "GTDT",
- table_data->len - gtdt_start, 2, NULL);
+ table_data->len - gtdt_start, 2, NULL, NULL);
 }
 
 /* MADT */
@@ -531,7 +531,7 @@ build_madt(GArray 

[Qemu-devel] [PATCH 0/4] set the OEM fields in the RSDT and the FADT from the SLIC

[Laszlo Ersek]

Background:
- https://bugzilla.redhat.com/show_bug.cgi?id=1248758
- http://thread.gmane.org/gmane.comp.emulators.qemu/358854
- https://github.com/tianocore/edk2/issues/5

This matters mostly for Win7 installations that were converted with p2v.
Testing feedback from such environments would be appreciated.

Cc: "Michael S. Tsirkin" 
Cc: Aleksei Kovura 
Cc: Igor Mammedov 
Cc: Michael Tokarev 
Cc: Paolo Bonzini 
Cc: Richard W.M. Jones 
Cc: Shannon Zhao 
Cc: Xiao Guangrong 

Thanks
Laszlo

Laszlo Ersek (4):
  acpi: take oem_id in build_header(), optionally
  acpi: expose oem_id and oem_table_id in build_rsdt()
  acpi: stash the OEM ID and OEM Table ID fields from an external SLIC
table
  pc: set the OEM fields in the RSDT and the FADT from the SLIC

 include/hw/acpi/acpi.h  |  2 ++
 include/hw/acpi/aml-build.h |  5 +++--
 include/hw/i386/pc.h|  2 ++
 hw/acpi/aml-build.c | 14 ++
 hw/acpi/core.c  | 18 ++
 hw/acpi/nvdimm.c|  4 ++--
 hw/arm/virt-acpi-build.c| 14 +++---
 hw/i386/acpi-build.c| 40 +++-
 hw/i386/pc.c| 19 +++
 qemu-options.hx | 10 +-
 10 files changed, 99 insertions(+), 29 deletions(-)

-- 
1.8.3.1

[Qemu-devel] [PATCH 2/4] acpi: expose oem_id and oem_table_id in build_rsdt()

[Laszlo Ersek]

Since build_rsdt() is implemented as common utility code (in
"hw/acpi/aml-build.c"), it should expose -- and forward -- the oem_id and
oem_table_id parameters between board code and the generic build_header()
function.

Cc: "Michael S. Tsirkin"  (supporter:ACPI/SMBIOS)
Cc: Igor Mammedov  (supporter:ACPI/SMBIOS)
Cc: Shannon Zhao  (maintainer:ARM ACPI Subsystem)
Cc: Paolo Bonzini  (maintainer:X86)
Cc: Richard W.M. Jones 
Cc: Aleksei Kovura 
Cc: Michael Tokarev 
RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1248758
Signed-off-by: Laszlo Ersek 
---
 include/hw/acpi/aml-build.h | 3 ++-
 hw/acpi/aml-build.c | 5 +++--
 hw/arm/virt-acpi-build.c| 2 +-
 hw/i386/acpi-build.c| 2 +-
 4 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/include/hw/acpi/aml-build.h b/include/hw/acpi/aml-build.h
index c460bdd..aa29d30 100644
--- a/include/hw/acpi/aml-build.h
+++ b/include/hw/acpi/aml-build.h
@@ -364,6 +364,7 @@ void acpi_add_table(GArray *table_offsets, GArray 
*table_data);
 void acpi_build_tables_init(AcpiBuildTables *tables);
 void acpi_build_tables_cleanup(AcpiBuildTables *tables, bool mfre);
 void
-build_rsdt(GArray *table_data, GArray *linker, GArray *table_offsets);
+build_rsdt(GArray *table_data, GArray *linker, GArray *table_offsets,
+   const char *oem_id, const char *oem_table_id);
 
 #endif
diff --git a/hw/acpi/aml-build.c b/hw/acpi/aml-build.c
index 05b8bd0..ce7fe81 100644
--- a/hw/acpi/aml-build.c
+++ b/hw/acpi/aml-build.c
@@ -1496,7 +1496,8 @@ void acpi_build_tables_cleanup(AcpiBuildTables *tables, 
bool mfre)
 
 /* Build rsdt table */
 void
-build_rsdt(GArray *table_data, GArray *linker, GArray *table_offsets)
+build_rsdt(GArray *table_data, GArray *linker, GArray *table_offsets,
+   const char *oem_id, const char *oem_table_id)
 {
 AcpiRsdtDescriptorRev1 *rsdt;
 size_t rsdt_len;
@@ -1515,5 +1516,5 @@ build_rsdt(GArray *table_data, GArray *linker, GArray 
*table_offsets)
sizeof(uint32_t));
 }
 build_header(linker, table_data,
- (void *)rsdt, "RSDT", rsdt_len, 1, NULL, NULL);
+ (void *)rsdt, "RSDT", rsdt_len, 1, oem_id, oem_table_id);
 }
diff --git a/hw/arm/virt-acpi-build.c b/hw/arm/virt-acpi-build.c
index 6b5aa12..61b6f9a 100644
--- a/hw/arm/virt-acpi-build.c
+++ b/hw/arm/virt-acpi-build.c
@@ -656,7 +656,7 @@ void virt_acpi_build(VirtGuestInfo *guest_info, 
AcpiBuildTables *tables)
 
 /* RSDT is pointed to by RSDP */
 rsdt = tables_blob->len;
-build_rsdt(tables_blob, tables->linker, table_offsets);
+build_rsdt(tables_blob, tables->linker, table_offsets, NULL, NULL);
 
 /* RSDP is in FSEG memory, so allocate it separately */
 build_rsdp(tables->rsdp, tables->linker, rsdt);
diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index e1ebd07..6408362 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -2705,7 +2705,7 @@ void acpi_build(PcGuestInfo *guest_info, AcpiBuildTables 
*tables)
 
 /* RSDT is pointed to by RSDP */
 rsdt = tables_blob->len;
-build_rsdt(tables_blob, tables->linker, table_offsets);
+build_rsdt(tables_blob, tables->linker, table_offsets, NULL, NULL);
 
 /* RSDP is in FSEG memory, so allocate it separately */
 build_rsdp(tables->rsdp, tables->linker, rsdt);
-- 
1.8.3.1

Re: [Qemu-devel] [PATCH v2 2/2] iotests: Test that negative throttle values are rejected

[Fam Zheng]

On Wed, 01/13 11:02, Alberto Garcia wrote:
> On Wed 13 Jan 2016 01:52:30 AM CET, Fam Zheng  wrote:
> 
> > +echo === Catching nagative throttling values ===
> 
> s/nagative/negative/
> 
> (there are several of these in the patch)

Will fix.

> 
> You could also test the upper limits now.
> 

Yes, I will add one.

Fam

[Qemu-devel] [PULL 09/41] error: Don't append a newline when printing the error hint

[Markus Armbruster]

Since commit 50b7b00, we have error_append_hint() to conveniently
accumulate Error member @hint.  error_report_err() prints it with a
newline appended.  Consequently, users of error_append_hint() need to
know whether theirs is the final line of the hint to decide whether it
needs a newline.  Not a nice interface.

Change error_report_err() to print just the hint, and the (still few)
users of error_append_hint() to add the required newline.

Cc: Eric Blake 
Signed-off-by: Markus Armbruster 
Reviewed-by: Eric Blake 
Message-Id: <1450370121-5768-7-git-send-email-arm...@redhat.com>
---
 qdev-monitor.c | 2 ++
 util/error.c   | 2 +-
 util/qemu-option.c | 4 ++--
 3 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/qdev-monitor.c b/qdev-monitor.c
index a35098f..30936df 100644
--- a/qdev-monitor.c
+++ b/qdev-monitor.c
@@ -304,6 +304,7 @@ static void qbus_list_bus(DeviceState *dev, Error **errp)
 error_append_hint(errp, "%s\"%s\"", sep, child->name);
 sep = ", ";
 }
+error_append_hint(errp, "\n");
 }
 
 static void qbus_list_dev(BusState *bus, Error **errp)
@@ -321,6 +322,7 @@ static void qbus_list_dev(BusState *bus, Error **errp)
 }
 sep = ", ";
 }
+error_append_hint(errp, "\n");
 }
 
 static BusState *qbus_find_bus(DeviceState *dev, char *elem)
diff --git a/util/error.c b/util/error.c
index 80c89a2..9b27c45 100644
--- a/util/error.c
+++ b/util/error.c
@@ -204,7 +204,7 @@ void error_report_err(Error *err)
 {
 error_report("%s", error_get_pretty(err));
 if (err->hint) {
-error_printf_unless_qmp("%s\n", err->hint->str);
+error_printf_unless_qmp("%s", err->hint->str);
 }
 error_free(err);
 }
diff --git a/util/qemu-option.c b/util/qemu-option.c
index a50ecea..a2d593a 100644
--- a/util/qemu-option.c
+++ b/util/qemu-option.c
@@ -206,7 +206,7 @@ void parse_option_size(const char *name, const char *value,
 default:
 error_setg(errp, QERR_INVALID_PARAMETER_VALUE, name, "a size");
 error_append_hint(errp, "You may use k, M, G or T suffixes for "
-"kilobytes, megabytes, gigabytes and terabytes.");
+"kilobytes, megabytes, gigabytes and terabytes.\n");
 return;
 }
 } else {
@@ -647,7 +647,7 @@ QemuOpts *qemu_opts_create(QemuOptsList *list, const char 
*id,
 error_setg(errp, QERR_INVALID_PARAMETER_VALUE, "id",
"an identifier");
 error_append_hint(errp, "Identifiers consist of letters, digits, "
-  "'-', '.', '_', starting with a letter.");
+  "'-', '.', '_', starting with a letter.\n");
 return NULL;
 }
 opts = qemu_opts_find(list, id);
-- 
2.4.3

[Qemu-devel] [PULL 01/41] error: Document how to accumulate multiple errors

[Markus Armbruster]

Suggested-by: Eric Blake 
Signed-off-by: Markus Armbruster 
Reviewed-by: Eric Blake 
Message-Id: <1447776349-2344-1-git-send-email-arm...@redhat.com>
---
 include/qapi/error.h | 17 +
 1 file changed, 17 insertions(+)

diff --git a/include/qapi/error.h b/include/qapi/error.h
index 6285cf5..1480f59 100644
--- a/include/qapi/error.h
+++ b/include/qapi/error.h
@@ -76,6 +76,23 @@
  * But when all you do with the error is pass it on, please use
  * foo(arg, errp);
  * for readability.
+ *
+ * Receive and accumulate multiple errors (first one wins):
+ * Error *err = NULL, *local_err = NULL;
+ * foo(arg, );
+ * bar(arg, _err);
+ * error_propagate(, local_err);
+ * if (err) {
+ * handle the error...
+ * }
+ *
+ * Do *not* "optimize" this to
+ * foo(arg, );
+ * bar(arg, ); // WRONG!
+ * if (err) {
+ * handle the error...
+ * }
+ * because this may pass a non-null err to bar().
  */
 
 #ifndef ERROR_H
-- 
2.4.3

[Qemu-devel] [PULL 20/41] error: Use error_report_err() instead of ad hoc prints

[Markus Armbruster]

Unlike ad hoc prints, error_report_err() uses the error whole instead
of just its message obtained with error_get_pretty().  This avoids
suppressing its hint (see commit 50b7b00).  Example:

$ bld/ivshmem-server -l 42@
Parameter 'shm_size' expects a size
You may use k, M, G or T suffixes for kilobytes, megabytes, gigabytes and 
terabytes.

The last line is new with this patch.

While there, drop a "cannot parse shm size: " message prefix; it's
redundant, because the error message proper is always of the form
"Parameter 'shm_size' expects ...".

Signed-off-by: Markus Armbruster 
Reviewed-by: Eric Blake 
Message-Id: <1450452927-8346-5-git-send-email-arm...@redhat.com>
---
 contrib/ivshmem-server/main.c | 4 +---
 qdev-monitor.c| 3 +--
 qemu-nbd.c| 3 +--
 3 files changed, 3 insertions(+), 7 deletions(-)

diff --git a/contrib/ivshmem-server/main.c b/contrib/ivshmem-server/main.c
index 54ff001..00508b5 100644
--- a/contrib/ivshmem-server/main.c
+++ b/contrib/ivshmem-server/main.c
@@ -106,9 +106,7 @@ ivshmem_server_parse_args(IvshmemServerArgs *args, int 
argc, char *argv[])
 case 'l': /* shm_size */
 parse_option_size("shm_size", optarg, >shm_size, );
 if (errp) {
-fprintf(stderr, "cannot parse shm size: %s\n",
-error_get_pretty(errp));
-error_free(errp);
+error_report_err(errp);
 ivshmem_server_usage(argv[0], 1);
 }
 break;
diff --git a/qdev-monitor.c b/qdev-monitor.c
index 30936df..3ce4710 100644
--- a/qdev-monitor.c
+++ b/qdev-monitor.c
@@ -266,8 +266,7 @@ int qdev_device_help(QemuOpts *opts)
 return 1;
 
 error:
-error_printf("%s\n", error_get_pretty(local_err));
-error_free(local_err);
+error_report_err(local_err);
 return 1;
 }
 
diff --git a/qemu-nbd.c b/qemu-nbd.c
index 65c0ebd..706552e 100644
--- a/qemu-nbd.c
+++ b/qemu-nbd.c
@@ -251,8 +251,7 @@ static void *nbd_client_thread(void *arg)
 , _error);
 if (ret < 0) {
 if (local_error) {
-fprintf(stderr, "%s\n", error_get_pretty(local_error));
-error_free(local_error);
+error_report_err(local_error);
 }
 goto out_socket;
 }
-- 
2.4.3

[Qemu-devel] [PULL 15/41] audio: Clean up inappropriate and unreachable use of hw_error()

[Markus Armbruster]

audio_init() should not use hw_error(), because dumping CPU registers
is unhelpful there, and aborting is wrong, because it can be called
called from an audio device's realize() method.

The two uses of hw_error() come from commit 0d9acba:

* When qemu_new_timer() fails.  It couldn't fail back then, and it
  can't fail now.  Drop the unreachable error handling.

* When no_audio_driver can't be initialized.  It couldn't fail back
  then, and it can't fail now.  Replace the error handling by an
  assertion.

Cc: Gerd Hoffmann 
Signed-off-by: Markus Armbruster 
Reviewed-by: Gerd Hoffmann 
---
 audio/audio.c | 11 ++-
 1 file changed, 2 insertions(+), 9 deletions(-)

diff --git a/audio/audio.c b/audio/audio.c
index 5be4b15..a0fc8b3 100644
--- a/audio/audio.c
+++ b/audio/audio.c
@@ -1806,9 +1806,6 @@ static void audio_init (void)
 atexit (audio_atexit);
 
 s->ts = timer_new_ns(QEMU_CLOCK_VIRTUAL, audio_timer, s);
-if (!s->ts) {
-hw_error("Could not create audio timer\n");
-}
 
 audio_process_options ("AUDIO", audio_options);
 
@@ -1859,12 +1856,8 @@ static void audio_init (void)
 
 if (!done) {
 done = !audio_driver_init (s, _audio_driver);
-if (!done) {
-hw_error("Could not initialize audio subsystem\n");
-}
-else {
-dolog ("warning: Using timer based audio emulation\n");
-}
+assert(done);
+dolog("warning: Using timer based audio emulation\n");
 }
 
 if (conf.period.hertz <= 0) {
-- 
2.4.3

[Qemu-devel] [PULL 26/41] error: Don't decorate original error message when adding to it

[Markus Armbruster]

Prepend the additional information, colon, space to the original
message without enclosing it in parenthesis or quotes, like we do
elsewhere.

Signed-off-by: Markus Armbruster 
Reviewed-by: Eric Blake 
Message-Id: <1450452927-8346-11-git-send-email-arm...@redhat.com>
---
 hw/core/qdev-properties.c | 2 +-
 qemu-img.c| 2 +-
 tests/test-aio.c  | 2 +-
 tests/test-thread-pool.c  | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/hw/core/qdev-properties.c b/hw/core/qdev-properties.c
index 33e245e..fffb58e 100644
--- a/hw/core/qdev-properties.c
+++ b/hw/core/qdev-properties.c
@@ -1063,7 +1063,7 @@ static void qdev_prop_set_globals_for_type(DeviceState 
*dev,
 object_property_parse(OBJECT(dev), prop->value, prop->property, );
 if (err != NULL) {
 assert(prop->user_provided);
-error_report("Warning: global %s.%s=%s ignored (%s)",
+error_report("Warning: global %s.%s=%s ignored: %s",
  prop->driver, prop->property, prop->value,
  error_get_pretty(err));
 error_free(err);
diff --git a/qemu-img.c b/qemu-img.c
index 3d48b4f..f4f5540 100644
--- a/qemu-img.c
+++ b/qemu-img.c
@@ -2439,7 +2439,7 @@ static int img_snapshot(int argc, char **argv)
 case SNAPSHOT_DELETE:
 bdrv_snapshot_delete_by_id_or_name(bs, snapshot_name, );
 if (err) {
-error_report("Could not delete snapshot '%s': (%s)",
+error_report("Could not delete snapshot '%s': %s",
  snapshot_name, error_get_pretty(err));
 error_free(err);
 ret = 1;
diff --git a/tests/test-aio.c b/tests/test-aio.c
index e188d8c..f0b447e 100644
--- a/tests/test-aio.c
+++ b/tests/test-aio.c
@@ -832,7 +832,7 @@ int main(int argc, char **argv)
 
 ctx = aio_context_new(_error);
 if (!ctx) {
-error_report("Failed to create AIO Context: '%s'",
+error_report("Failed to create AIO Context: %s",
  error_get_pretty(local_error));
 error_free(local_error);
 exit(1);
diff --git a/tests/test-thread-pool.c b/tests/test-thread-pool.c
index 6a0b981..153b8f5 100644
--- a/tests/test-thread-pool.c
+++ b/tests/test-thread-pool.c
@@ -229,7 +229,7 @@ int main(int argc, char **argv)
 
 ctx = aio_context_new(_error);
 if (!ctx) {
-error_report("Failed to create AIO Context: '%s'",
+error_report("Failed to create AIO Context: %s",
  error_get_pretty(local_error));
 error_free(local_error);
 exit(1);
-- 
2.4.3

[Qemu-devel] [PULL 21/41] error: Improve documentation

[Markus Armbruster]

While there, tighten error_append_hint()'s assertion.

Signed-off-by: Markus Armbruster 
Message-Id: <1450452927-8346-6-git-send-email-arm...@redhat.com>
Reviewed-by: Eric Blake 
---
 include/qapi/error.h | 20 ++--
 util/error.c |  2 +-
 util/qemu-error.c|  8 
 3 files changed, 23 insertions(+), 7 deletions(-)

diff --git a/include/qapi/error.h b/include/qapi/error.h
index 1480f59..b18a608 100644
--- a/include/qapi/error.h
+++ b/include/qapi/error.h
@@ -18,6 +18,15 @@
  * Create an error:
  * error_setg(, "situation normal, all fouled up");
  *
+ * Create an error and add additional explanation:
+ * error_setg(, "invalid quark");
+ * error_append_hint(, "Valid quarks are up, down, strange, "
+ *   "charm, top, bottom.\n");
+ *
+ * Do *not* contract this to
+ * error_setg(, "invalid quark\n"
+ *"Valid quarks are up, down, strange, charm, top, bottom.");
+ *
  * Report an error to stderr:
  * error_report_err(err);
  * This frees the error object.
@@ -26,6 +35,7 @@
  * const char *msg = error_get_pretty(err);
  * do with msg what needs to be done...
  * error_free(err);
+ * Note that this loses hints added with error_append_hint().
  *
  * Handle an error without reporting it (just for completeness):
  * error_free(err);
@@ -142,6 +152,8 @@ ErrorClass error_get_class(const Error *err);
  * If @errp is anything else, *@errp must be NULL.
  * The new error's class is ERROR_CLASS_GENERIC_ERROR, and its
  * human-readable error message is made from printf-style @fmt, ...
+ * The resulting message should be a single phrase, with no newline or
+ * trailing punctuation.
  */
 #define error_setg(errp, fmt, ...)  \
 error_setg_internal((errp), __FILE__, __LINE__, __func__,   \
@@ -198,7 +210,11 @@ void error_propagate(Error **dst_errp, Error *local_err);
 
 /**
  * Append a printf-style human-readable explanation to an existing error.
- * May be called multiple times, and safe if @errp is NULL.
+ * @errp may be NULL, but not _fatal or _abort.
+ * Trivially the case if you call it only after error_setg() or
+ * error_propagate().
+ * May be called multiple times.  The resulting hint should end with a
+ * newline.
  */
 void error_append_hint(Error **errp, const char *fmt, ...)
 GCC_FMT_ATTR(2, 3);
@@ -232,7 +248,7 @@ void error_free_or_abort(Error **errp);
 /*
  * Convenience function to error_report() and free @err.
  */
-void error_report_err(Error *);
+void error_report_err(Error *err);
 
 /*
  * Just like error_setg(), except you get to specify the error class.
diff --git a/util/error.c b/util/error.c
index 9b27c45..ebfb74b 100644
--- a/util/error.c
+++ b/util/error.c
@@ -132,7 +132,7 @@ void error_append_hint(Error **errp, const char *fmt, ...)
 return;
 }
 err = *errp;
-assert(err && errp != _abort);
+assert(err && errp != _abort && errp != _fatal);
 
 if (!err->hint) {
 err->hint = g_string_new(NULL);
diff --git a/util/qemu-error.c b/util/qemu-error.c
index c1574bb..ecf5708 100644
--- a/util/qemu-error.c
+++ b/util/qemu-error.c
@@ -200,8 +200,8 @@ static void error_print_loc(void)
 bool enable_timestamp_msg;
 /*
  * Print an error message to current monitor if we have one, else to stderr.
- * Format arguments like vsprintf().  The result should not contain
- * newlines.
+ * Format arguments like vsprintf().  The resulting message should be
+ * a single phrase, with no newline or trailing punctuation.
  * Prepend the current location and append a newline.
  * It's wrong to call this in a QMP monitor.  Use error_setg() there.
  */
@@ -224,8 +224,8 @@ void error_vreport(const char *fmt, va_list ap)
 
 /*
  * Print an error message to current monitor if we have one, else to stderr.
- * Format arguments like sprintf().  The result should not contain
- * newlines.
+ * Format arguments like sprintf().  The resulting message should be a
+ * single phrase, with no newline or trailing punctuation.
  * Prepend the current location and append a newline.
  * It's wrong to call this in a QMP monitor.  Use error_setg() there.
  */
-- 
2.4.3

[Qemu-devel] [PULL 35/41] pci-assign: Clean up "Failed to assign" error messages

[Markus Armbruster]

The arguments of error_setg() & friends should yield a short error
string without newlines.

Two places try to append additional help to the error message by
embedding newlines in the error string.  That's nice, but let's do it
the right way, with error_append_hint().

Cc: Laszlo Ersek 
Signed-off-by: Markus Armbruster 
Reviewed-by: Eric Blake 
Message-Id: <1450452927-8346-20-git-send-email-arm...@redhat.com>
Reviewed-by: Laszlo Ersek 
---
 hw/i386/kvm/pci-assign.c | 16 
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/hw/i386/kvm/pci-assign.c b/hw/i386/kvm/pci-assign.c
index 0fd6923..eec1340 100644
--- a/hw/i386/kvm/pci-assign.c
+++ b/hw/i386/kvm/pci-assign.c
@@ -770,7 +770,7 @@ static char *assign_failed_examine(const AssignedDevice 
*dev)
 "*** $ echo \"%04x:%02x:%02x.%x\" > /sys/bus/pci/drivers/"
 "pci-stub/bind\n"
 "*** $ echo \"%04x %04x\" > /sys/bus/pci/drivers/pci-stub/remove_id\n"
-"***",
+"***\n",
 ns, dev->host.domain, dev->host.bus, dev->host.slot,
 dev->host.function, vendor_id, device_id,
 dev->host.domain, dev->host.bus, dev->host.slot, dev->host.function,
@@ -778,7 +778,7 @@ static char *assign_failed_examine(const AssignedDevice 
*dev)
 dev->host.function, vendor_id, device_id);
 
 fail:
-return g_strdup("Couldn't find out why.");
+return g_strdup("Couldn't find out why.\n");
 }
 
 static void assign_device(AssignedDevice *dev, Error **errp)
@@ -812,8 +812,9 @@ static void assign_device(AssignedDevice *dev, Error **errp)
 char *cause;
 
 cause = assign_failed_examine(dev);
-error_setg_errno(errp, -r, "Failed to assign device \"%s\"\n%s",
- dev->dev.qdev.id, cause);
+error_setg_errno(errp, -r, "Failed to assign device \"%s\"",
+ dev->dev.qdev.id);
+error_append_hint(errp, "%s", cause);
 g_free(cause);
 break;
 }
@@ -912,11 +913,10 @@ retry:
 dev->features |= ASSIGNED_DEVICE_PREFER_MSI_MASK;
 goto retry;
 }
-error_setg_errno(errp, -r,
- "Failed to assign irq for \"%s\"\n"
- "Perhaps you are assigning a device "
- "that shares an IRQ with another device?",
+error_setg_errno(errp, -r, "Failed to assign irq for \"%s\"",
  dev->dev.qdev.id);
+error_append_hint(errp, "Perhaps you are assigning a device "
+  "that shares an IRQ with another device?\n");
 return r;
 }
 
-- 
2.4.3

[Qemu-devel] [PULL 17/41] qemu-nbd: Replace BSDism by error_report()

[Markus Armbruster]

Coccinelle semantic patch

@@
expression E;
expression list ARGS;
@@
-   errx(E, ARGS);
+   error_report(ARGS);
+   exit(E);
@@
expression E, FMT;
expression list ARGS;
@@
-   err(E, FMT, ARGS);
+   error_report(FMT /*": %s"*/, ARGS, strerror(errno));
+   exit(E);

followed by a replace of '"/*": %s"*/' by ' : %s"', because I can't
figure out how to make Coccinelle transform strings.

A few of the error messages touched have trailing newlines.  They'll
be stripped later in this series.

Signed-off-by: Markus Armbruster 
Reviewed-by: Eric Blake 
Message-Id: <1450452927-8346-2-git-send-email-arm...@redhat.com>
---
 qemu-nbd.c | 121 +++--
 1 file changed, 77 insertions(+), 44 deletions(-)

diff --git a/qemu-nbd.c b/qemu-nbd.c
index 65dc30c..d5c32de 100644
--- a/qemu-nbd.c
+++ b/qemu-nbd.c
@@ -30,7 +30,6 @@
 #include 
 #include 
 #include 
-#include 
 #include 
 #include 
 #include 
@@ -158,7 +157,8 @@ static int find_partition(BlockBackend *blk, int partition,
 
 if ((ret = blk_read(blk, 0, data, 1)) < 0) {
 errno = -ret;
-err(EXIT_FAILURE, "error while reading");
+error_report("error while reading: %s", strerror(errno));
+exit(EXIT_FAILURE);
 }
 
 if (data[510] != 0x55 || data[511] != 0xaa) {
@@ -179,7 +179,8 @@ static int find_partition(BlockBackend *blk, int partition,
 
 if ((ret = blk_read(blk, mbr[i].start_sector_abs, data1, 1)) < 0) {
 errno = -ret;
-err(EXIT_FAILURE, "error while reading");
+error_report("error while reading: %s", strerror(errno));
+exit(EXIT_FAILURE);
 }
 
 for (j = 0; j < 4; j++) {
@@ -454,16 +455,19 @@ int main(int argc, char **argv)
 /* fallthrough */
 case QEMU_NBD_OPT_CACHE:
 if (seen_cache) {
-errx(EXIT_FAILURE, "-n and --cache can only be specified 
once");
+error_report("-n and --cache can only be specified once");
+exit(EXIT_FAILURE);
 }
 seen_cache = true;
 if (bdrv_parse_cache_flags(optarg, ) == -1) {
-errx(EXIT_FAILURE, "Invalid cache mode `%s'", optarg);
+error_report("Invalid cache mode `%s'", optarg);
+exit(EXIT_FAILURE);
 }
 break;
 case QEMU_NBD_OPT_AIO:
 if (seen_aio) {
-errx(EXIT_FAILURE, "--aio can only be specified once");
+error_report("--aio can only be specified once");
+exit(EXIT_FAILURE);
 }
 seen_aio = true;
 if (!strcmp(optarg, "native")) {
@@ -471,16 +475,19 @@ int main(int argc, char **argv)
 } else if (!strcmp(optarg, "threads")) {
 /* this is the default */
 } else {
-   errx(EXIT_FAILURE, "invalid aio mode `%s'", optarg);
+   error_report("invalid aio mode `%s'", optarg);
+   exit(EXIT_FAILURE);
 }
 break;
 case QEMU_NBD_OPT_DISCARD:
 if (seen_discard) {
-errx(EXIT_FAILURE, "--discard can only be specified once");
+error_report("--discard can only be specified once");
+exit(EXIT_FAILURE);
 }
 seen_discard = true;
 if (bdrv_parse_discard_flags(optarg, ) == -1) {
-errx(EXIT_FAILURE, "Invalid discard mode `%s'", optarg);
+error_report("Invalid discard mode `%s'", optarg);
+exit(EXIT_FAILURE);
 }
 break;
 case QEMU_NBD_OPT_DETECT_ZEROES:
@@ -491,13 +498,15 @@ int main(int argc, char **argv)
 BLOCKDEV_DETECT_ZEROES_OPTIONS_OFF,
 _err);
 if (local_err) {
-errx(EXIT_FAILURE, "Failed to parse detect_zeroes mode: %s", 
- error_get_pretty(local_err));
+error_report("Failed to parse detect_zeroes mode: %s",
+ error_get_pretty(local_err));
+exit(EXIT_FAILURE);
 }
 if (detect_zeroes == BLOCKDEV_DETECT_ZEROES_OPTIONS_UNMAP &&
 !(flags & BDRV_O_UNMAP)) {
-errx(EXIT_FAILURE, "setting detect-zeroes to unmap is not 
allowed "
-   "without setting discard operation to 
unmap"); 
+error_report("setting detect-zeroes to unmap is not allowed "
+ "without setting discard operation to unmap");
+exit(EXIT_FAILURE);
 }
 break;
 case 'b':
@@ -509,10 +518,12 @@ int main(int argc, char **argv)
 case 'o':
 dev_offset = strtoll 

[Qemu-devel] [PULL 13/41] isa: Clean up error handling around isa_bus_new()

[Markus Armbruster]

We can have at most one ISA bus.  If you try to create another one,
isa_bus_new() complains to stderr and returns null.

isa_bus_new() is called in two contexts, machine's init() and device's
realize() methods.  Since complaining to stderr is not proper in the
latter context, convert isa_bus_new() to Error.

Machine's init():

* mips_jazz_init(), called from the init() methods of machines
  "magnum" and "pica"

* mips_r4k_init(), the init() method of machine "mips"

* pc_init1() called from the init() methods of non-q35 PC machines

* typhoon_init(), called from clipper_init(), the init() method of
  machine "clipper"

These callers always create the first ISA bus, hence isa_bus_new()
can't fail.  Simply pass _abort.

Device's realize():

* i82378_realize(), of PCI device "i82378"

* ich9_lpc_realize(), of PCI device "ICH9-LPC"

* pci_ebus_realize(), of PCI device "ebus"

* piix3_realize(), of PCI device "pci-piix3", abstract parent of
  "PIIX3" and "PIIX3-xen"

* piix4_realize(), of PCI device "PIIX4"

* vt82c686b_realize(), of PCI device "VT82C686B"

Propagate the error.  Note that these devices are typically created
only by machine init() methods with qdev_init_nofail() or similar.  If
we screwed up and created an ISA bus before that call, we now give up
right away.  Before, we'd hobble on, and typically die in
isa_bus_irqs().  Similar if someone finds a way to hot-plug one of
these critters.

Cc: Richard Henderson 
Cc: "Michael S. Tsirkin" 
Cc: "Hervé Poussineau" 
Cc: Aurelien Jarno 
Cc: Mark Cave-Ayland 
Signed-off-by: Markus Armbruster 
Reviewed-by: Marcel Apfelbaum 
Reviewed-by: Hervé Poussineau 
Reviewed-by: Michael S. Tsirkin 
Message-Id: <1450370121-5768-11-git-send-email-arm...@redhat.com>
---
 hw/alpha/typhoon.c   | 3 ++-
 hw/i386/pc_piix.c| 3 ++-
 hw/isa/i82378.c  | 5 -
 hw/isa/isa-bus.c | 4 ++--
 hw/isa/lpc_ich9.c| 6 +-
 hw/isa/piix4.c   | 6 --
 hw/isa/vt82c686.c| 5 -
 hw/mips/mips_jazz.c  | 2 +-
 hw/mips/mips_r4k.c   | 2 +-
 hw/pci-host/piix.c   | 6 --
 hw/sparc64/sun4u.c   | 6 --
 include/hw/isa/isa.h | 2 +-
 12 files changed, 34 insertions(+), 16 deletions(-)

diff --git a/hw/alpha/typhoon.c b/hw/alpha/typhoon.c
index 421162e..35dc8a5 100644
--- a/hw/alpha/typhoon.c
+++ b/hw/alpha/typhoon.c
@@ -920,7 +920,8 @@ PCIBus *typhoon_init(ram_addr_t ram_size, ISABus **isa_bus,
 {
 qemu_irq *isa_irqs;
 
-*isa_bus = isa_bus_new(NULL, get_system_memory(), >pchip.reg_io);
+*isa_bus = isa_bus_new(NULL, get_system_memory(), >pchip.reg_io,
+   _abort);
 isa_irqs = i8259_init(*isa_bus,
   qemu_allocate_irq(typhoon_set_isa_irq, s, 0));
 isa_bus_irqs(*isa_bus, isa_irqs);
diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c
index 438cdae..df2b824 100644
--- a/hw/i386/pc_piix.c
+++ b/hw/i386/pc_piix.c
@@ -189,7 +189,8 @@ static void pc_init1(MachineState *machine,
 } else {
 pci_bus = NULL;
 i440fx_state = NULL;
-isa_bus = isa_bus_new(NULL, get_system_memory(), system_io);
+isa_bus = isa_bus_new(NULL, get_system_memory(), system_io,
+  _abort);
 no_hpet = 1;
 }
 isa_bus_irqs(isa_bus, gsi);
diff --git a/hw/isa/i82378.c b/hw/isa/i82378.c
index d4c8306..3793c6f 100644
--- a/hw/isa/i82378.c
+++ b/hw/isa/i82378.c
@@ -75,7 +75,10 @@ static void i82378_realize(PCIDevice *pci, Error **errp)
 pci_config_set_interrupt_pin(pci_conf, 1); /* interrupt pin 0 */
 
 isabus = isa_bus_new(dev, get_system_memory(),
- pci_address_space_io(pci));
+ pci_address_space_io(pci), errp);
+if (!isabus) {
+return;
+}
 
 /* This device has:
2 82C59 (irq)
diff --git a/hw/isa/isa-bus.c b/hw/isa/isa-bus.c
index 43e0cd8..af6ffd6 100644
--- a/hw/isa/isa-bus.c
+++ b/hw/isa/isa-bus.c
@@ -44,10 +44,10 @@ static const TypeInfo isa_bus_info = {
 };
 
 ISABus *isa_bus_new(DeviceState *dev, MemoryRegion* address_space,
-MemoryRegion *address_space_io)
+MemoryRegion *address_space_io, Error **errp)
 {
 if (isabus) {
-fprintf(stderr, "Can't create a second ISA bus\n");
+error_setg(errp, "Can't create a second ISA bus");
 return NULL;
 }
 if (!dev) {
diff --git a/hw/isa/lpc_ich9.c b/hw/isa/lpc_ich9.c
index 8e58449..ed9907d 100644
--- a/hw/isa/lpc_ich9.c
+++ b/hw/isa/lpc_ich9.c
@@ -607,7 +607,11 @@ static void ich9_lpc_realize(PCIDevice *d, Error **errp)
 ICH9LPCState *lpc = ICH9_LPC_DEVICE(d);
 ISABus *isa_bus;
 
-isa_bus = isa_bus_new(DEVICE(d), get_system_memory(), get_system_io());
+isa_bus = isa_bus_new(DEVICE(d), get_system_memory(), get_system_io(),
+ 

[Qemu-devel] [PULL 37/41] error: Clean up errors with embedded newlines (again)

[Markus Armbruster]

The arguments of error_report() should yield a short error string
without newlines.

A few places try to print additional help after the error message by
embedding newlines in the error string.  That's nice, but let's do it
the right way.  Commit 474c213 cleaned up some, but they keep coming
back.  Offenders tracked down with the Coccinelle semantic patch from
commit 312fd5f.

Cc: Laszlo Ersek 
Cc: Pavel Fedin 
Signed-off-by: Markus Armbruster 
Reviewed-by: Laszlo Ersek 
Reviewed-by: Eric Blake 
Signed-off-by: Markus Armbruster 
---
 hw/i386/pc.c | 4 ++--
 kvm-all.c| 6 +++---
 qemu-nbd.c   | 5 ++---
 3 files changed, 7 insertions(+), 8 deletions(-)

diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index 0e5c86a..9e37186 100644
--- a/hw/i386/pc.c
+++ b/hw/i386/pc.c
@@ -377,8 +377,8 @@ ISADevice *pc_find_fdc0(void)
 
 if (state.multiple) {
 error_report("warning: multiple floppy disk controllers with "
- "iobase=0x3f0 have been found;\n"
- "the one being picked for CMOS setup might not reflect "
+ "iobase=0x3f0 have been found");
+error_printf("the one being picked for CMOS setup might not reflect "
  "your intent");
 }
 
diff --git a/kvm-all.c b/kvm-all.c
index bd9e764..9148889 100644
--- a/kvm-all.c
+++ b/kvm-all.c
@@ -2063,9 +2063,9 @@ void kvm_device_access(int fd, int group, uint64_t attr,
write ? KVM_SET_DEVICE_ATTR : KVM_GET_DEVICE_ATTR,
);
 if (err < 0) {
-error_report("KVM_%s_DEVICE_ATTR failed: %s\n"
- "Group %d attr 0x%016" PRIx64, write ? "SET" : "GET",
- strerror(-err), group, attr);
+error_report("KVM_%s_DEVICE_ATTR failed: %s",
+ write ? "SET" : "GET", strerror(-err));
+error_printf("Group %d attr 0x%016" PRIx64, group, attr);
 abort();
 }
 }
diff --git a/qemu-nbd.c b/qemu-nbd.c
index 023eacd..a4cf847 100644
--- a/qemu-nbd.c
+++ b/qemu-nbd.c
@@ -599,9 +599,8 @@ int main(int argc, char **argv)
 }
 
 if ((argc - optind) != 1) {
-error_report("Invalid number of argument.\n"
- "Try `%s --help' for more information.",
- argv[0]);
+error_report("Invalid number of arguments");
+error_printf("Try `%s --help' for more information.\n", argv[0]);
 exit(EXIT_FAILURE);
 }
 
-- 
2.4.3

[Qemu-devel] [PULL 33/41] vmdk: Clean up control flow in vmdk_parse_extents() a bit

[Markus Armbruster]

Factor out loop stepping to turn a while-loop with goto into a
for-loop with continue.

Cc: Fam Zheng 
Signed-off-by: Markus Armbruster 
Reviewed-by: Eric Blake 
Reviewed-by: Fam Zheng 
Message-Id: <1450452927-8346-18-git-send-email-arm...@redhat.com>
---
 block/vmdk.c | 28 +++-
 1 file changed, 15 insertions(+), 13 deletions(-)

diff --git a/block/vmdk.c b/block/vmdk.c
index b4a224e..08fa3f3 100644
--- a/block/vmdk.c
+++ b/block/vmdk.c
@@ -760,6 +760,17 @@ static int vmdk_open_sparse(BlockDriverState *bs, 
BdrvChild *file, int flags,
 }
 }
 
+static const char *next_line(const char *s)
+{
+while (*s) {
+if (*s == '\n') {
+return s + 1;
+}
+s++;
+}
+return s;
+}
+
 static int vmdk_parse_extents(const char *desc, BlockDriverState *bs,
   const char *desc_file_path, QDict *options,
   Error **errp)
@@ -769,7 +780,7 @@ static int vmdk_parse_extents(const char *desc, 
BlockDriverState *bs,
 char access[11];
 char type[11];
 char fname[512];
-const char *p = desc;
+const char *p;
 int64_t sectors = 0;
 int64_t flat_offset;
 char *extent_path;
@@ -779,7 +790,7 @@ static int vmdk_parse_extents(const char *desc, 
BlockDriverState *bs,
 char extent_opt_prefix[32];
 Error *local_err = NULL;
 
-while (*p) {
+for (p = desc; *p; p = next_line(p)) {
 /* parse extent line in one of below formats:
  *
  * RW [size in sectors] FLAT "file-name.vmdk" OFFSET
@@ -791,7 +802,7 @@ static int vmdk_parse_extents(const char *desc, 
BlockDriverState *bs,
 matches = sscanf(p, "%10s %" SCNd64 " %10s \"%511[^\n\r\"]\" %" SCNd64,
  access, , type, fname, _offset);
 if (matches < 4 || strcmp(access, "RW")) {
-goto next_line;
+continue;
 } else if (!strcmp(type, "FLAT")) {
 if (matches != 5 || flat_offset < 0) {
 error_setg(errp, "Invalid extent lines: \n%s", p);
@@ -813,7 +824,7 @@ static int vmdk_parse_extents(const char *desc, 
BlockDriverState *bs,
 (strcmp(type, "FLAT") && strcmp(type, "SPARSE") &&
  strcmp(type, "VMFS") && strcmp(type, "VMFSSPARSE")) ||
 (strcmp(access, "RW"))) {
-goto next_line;
+continue;
 }
 
 if (!path_is_absolute(fname) && !path_has_protocol(fname) &&
@@ -870,15 +881,6 @@ static int vmdk_parse_extents(const char *desc, 
BlockDriverState *bs,
 return -ENOTSUP;
 }
 extent->type = g_strdup(type);
-next_line:
-/* move to next line */
-while (*p) {
-if (*p == '\n') {
-p++;
-break;
-}
-p++;
-}
 }
 return 0;
 }
-- 
2.4.3

[Qemu-devel] [PULL 25/41] error: New error_prepend(), error_reportf_err()

[Markus Armbruster]

Instead of simply propagating an error verbatim, we sometimes want to
add to its message, like this:

frobnicate(arg, );
error_setg(errp, "Can't frobnicate %s: %s",
 arg, error_get_pretty(err));
error_free(err);

This is suboptimal, because it loses err's hint (if any).  Moreover,
when errp is _abort or is subsequently propagated to
_abort, the abort message points to the place where we last
added to the error, not to the place where it originated.

To avoid these issues, provide means to add to an error's message in
place:

frobnicate(arg, errp);
error_prepend(errp, "Can't frobnicate %s: ", arg);

Likewise, reporting an error like

frobnicate(arg, );
error_report("Can't frobnicate %s: %s", arg, error_get_pretty(err));

can lose err's hint.  To avoid:

error_reportf_err(err, "Can't frobnicate %s: ", arg);

The next commits will put these functions to use.

Signed-off-by: Markus Armbruster 
Reviewed-by: Eric Blake 
Message-Id: <1450452927-8346-10-git-send-email-arm...@redhat.com>
---
 include/qapi/error.h | 31 +--
 util/error.c | 33 +
 2 files changed, 62 insertions(+), 2 deletions(-)

diff --git a/include/qapi/error.h b/include/qapi/error.h
index b18a608..45d6c72 100644
--- a/include/qapi/error.h
+++ b/include/qapi/error.h
@@ -31,6 +31,9 @@
  * error_report_err(err);
  * This frees the error object.
  *
+ * Report an error to stderr with additional text prepended:
+ * error_reportf_err(err, "Could not frobnicate '%s': ", name);
+ *
  * Report an error somewhere else:
  * const char *msg = error_get_pretty(err);
  * do with msg what needs to be done...
@@ -48,6 +51,10 @@
  * error_propagate(errp, err);
  * where Error **errp is a parameter, by convention the last one.
  *
+ * Pass an existing error to the caller with the message modified:
+ * error_propagate(errp, err);
+ * error_prepend(errp, "Could not frobnicate '%s': ", name);
+ *
  * Create a new error and pass it to the caller:
  * error_setg(errp, "situation normal, all fouled up");
  *
@@ -108,9 +115,10 @@
 #ifndef ERROR_H
 #define ERROR_H
 
+#include 
+#include 
 #include "qemu/compiler.h"
 #include "qapi-types.h"
-#include 
 
 /*
  * Opaque error object.
@@ -208,7 +216,20 @@ void error_setg_win32_internal(Error **errp,
  */
 void error_propagate(Error **dst_errp, Error *local_err);
 
-/**
+/*
+ * Prepend some text to @errp's human-readable error message.
+ * The text is made by formatting @fmt, @ap like vprintf().
+ */
+void error_vprepend(Error **errp, const char *fmt, va_list ap);
+
+/*
+ * Prepend some text to @errp's human-readable error message.
+ * The text is made by formatting @fmt, ... like printf().
+ */
+void error_prepend(Error **errp, const char *fmt, ...)
+GCC_FMT_ATTR(2, 3);
+
+/*
  * Append a printf-style human-readable explanation to an existing error.
  * @errp may be NULL, but not _fatal or _abort.
  * Trivially the case if you call it only after error_setg() or
@@ -251,6 +272,12 @@ void error_free_or_abort(Error **errp);
 void error_report_err(Error *err);
 
 /*
+ * Convenience function to error_prepend(), error_report() and free @err.
+ */
+void error_reportf_err(Error *err, const char *fmt, ...)
+GCC_FMT_ATTR(2, 3);
+
+/*
  * Just like error_setg(), except you get to specify the error class.
  * Note: use of error classes other than ERROR_CLASS_GENERIC_ERROR is
  * strongly discouraged.
diff --git a/util/error.c b/util/error.c
index ebfb74b..57303fd 100644
--- a/util/error.c
+++ b/util/error.c
@@ -122,6 +122,29 @@ void error_setg_file_open_internal(Error **errp,
   "Could not open '%s'", filename);
 }
 
+void error_vprepend(Error **errp, const char *fmt, va_list ap)
+{
+GString *newmsg;
+
+if (!errp) {
+return;
+}
+
+newmsg = g_string_new(NULL);
+g_string_vprintf(newmsg, fmt, ap);
+g_string_append(newmsg, (*errp)->msg);
+(*errp)->msg = g_string_free(newmsg, 0);
+}
+
+void error_prepend(Error **errp, const char *fmt, ...)
+{
+va_list ap;
+
+va_start(ap, fmt);
+error_vprepend(errp, fmt, ap);
+va_end(ap);
+}
+
 void error_append_hint(Error **errp, const char *fmt, ...)
 {
 va_list ap;
@@ -209,6 +232,16 @@ void error_report_err(Error *err)
 error_free(err);
 }
 
+void error_reportf_err(Error *err, const char *fmt, ...)
+{
+va_list ap;
+
+va_start(ap, fmt);
+error_vprepend(, fmt, ap);
+va_end(ap);
+error_report_err(err);
+}
+
 void error_free(Error *err)
 {
 if (err) {
-- 
2.4.3

[Qemu-devel] [PULL 40/41] error: Consistently name Error * objects err, and not errp

[Markus Armbruster]

Signed-off-by: Markus Armbruster 
Message-Id: <1450452927-8346-25-git-send-email-arm...@redhat.com>
Reviewed-by: Eric Blake 
---
 contrib/ivshmem-server/main.c  |  8 
 hmp.c  | 32 
 hw/core/nmi.c  | 10 +-
 include/qemu/sockets.h |  2 +-
 tests/test-string-output-visitor.c |  6 +++---
 5 files changed, 29 insertions(+), 29 deletions(-)

diff --git a/contrib/ivshmem-server/main.c b/contrib/ivshmem-server/main.c
index 00508b5..9b0d6e2 100644
--- a/contrib/ivshmem-server/main.c
+++ b/contrib/ivshmem-server/main.c
@@ -65,7 +65,7 @@ ivshmem_server_parse_args(IvshmemServerArgs *args, int argc, 
char *argv[])
 {
 int c;
 unsigned long long v;
-Error *errp = NULL;
+Error *err = NULL;
 
 while ((c = getopt(argc, argv,
"h"  /* help */
@@ -104,9 +104,9 @@ ivshmem_server_parse_args(IvshmemServerArgs *args, int 
argc, char *argv[])
 break;
 
 case 'l': /* shm_size */
-parse_option_size("shm_size", optarg, >shm_size, );
-if (errp) {
-error_report_err(errp);
+parse_option_size("shm_size", optarg, >shm_size, );
+if (err) {
+error_report_err(err);
 ivshmem_server_usage(argv[0], 1);
 }
 break;
diff --git a/hmp.c b/hmp.c
index 9723397..54f2620 100644
--- a/hmp.c
+++ b/hmp.c
@@ -2078,11 +2078,11 @@ void hmp_rocker(Monitor *mon, const QDict *qdict)
 {
 const char *name = qdict_get_str(qdict, "name");
 RockerSwitch *rocker;
-Error *errp = NULL;
+Error *err = NULL;
 
-rocker = qmp_query_rocker(name, );
-if (errp != NULL) {
-hmp_handle_error(mon, );
+rocker = qmp_query_rocker(name, );
+if (err != NULL) {
+hmp_handle_error(mon, );
 return;
 }
 
@@ -2097,11 +2097,11 @@ void hmp_rocker_ports(Monitor *mon, const QDict *qdict)
 {
 RockerPortList *list, *port;
 const char *name = qdict_get_str(qdict, "name");
-Error *errp = NULL;
+Error *err = NULL;
 
-list = qmp_query_rocker_ports(name, );
-if (errp != NULL) {
-hmp_handle_error(mon, );
+list = qmp_query_rocker_ports(name, );
+if (err != NULL) {
+hmp_handle_error(mon, );
 return;
 }
 
@@ -2126,11 +2126,11 @@ void hmp_rocker_of_dpa_flows(Monitor *mon, const QDict 
*qdict)
 RockerOfDpaFlowList *list, *info;
 const char *name = qdict_get_str(qdict, "name");
 uint32_t tbl_id = qdict_get_try_int(qdict, "tbl_id", -1);
-Error *errp = NULL;
+Error *err = NULL;
 
-list = qmp_query_rocker_of_dpa_flows(name, tbl_id != -1, tbl_id, );
-if (errp != NULL) {
-hmp_handle_error(mon, );
+list = qmp_query_rocker_of_dpa_flows(name, tbl_id != -1, tbl_id, );
+if (err != NULL) {
+hmp_handle_error(mon, );
 return;
 }
 
@@ -2276,12 +2276,12 @@ void hmp_rocker_of_dpa_groups(Monitor *mon, const QDict 
*qdict)
 RockerOfDpaGroupList *list, *g;
 const char *name = qdict_get_str(qdict, "name");
 uint8_t type = qdict_get_try_int(qdict, "type", 9);
-Error *errp = NULL;
+Error *err = NULL;
 bool set = false;
 
-list = qmp_query_rocker_of_dpa_groups(name, type != 9, type, );
-if (errp != NULL) {
-hmp_handle_error(mon, );
+list = qmp_query_rocker_of_dpa_groups(name, type != 9, type, );
+if (err != NULL) {
+hmp_handle_error(mon, );
 return;
 }
 
diff --git a/hw/core/nmi.c b/hw/core/nmi.c
index de1d1f8..4057cdd 100644
--- a/hw/core/nmi.c
+++ b/hw/core/nmi.c
@@ -25,7 +25,7 @@
 
 struct do_nmi_s {
 int cpu_index;
-Error *errp;
+Error *err;
 bool handled;
 };
 
@@ -40,8 +40,8 @@ static int do_nmi(Object *o, void *opaque)
 NMIClass *nc = NMI_GET_CLASS(n);
 
 ns->handled = true;
-nc->nmi_monitor_handler(n, ns->cpu_index, >errp);
-if (ns->errp) {
+nc->nmi_monitor_handler(n, ns->cpu_index, >err);
+if (ns->err) {
 return -1;
 }
 }
@@ -59,13 +59,13 @@ void nmi_monitor_handle(int cpu_index, Error **errp)
 {
 struct do_nmi_s ns = {
 .cpu_index = cpu_index,
-.errp = NULL,
+.err = NULL,
 .handled = false
 };
 
 nmi_children(object_get_root(), );
 if (ns.handled) {
-error_propagate(errp, ns.errp);
+error_propagate(errp, ns.err);
 } else {
 error_setg(errp, QERR_UNSUPPORTED);
 }
diff --git a/include/qemu/sockets.h b/include/qemu/sockets.h
index 74c692d..2e7f985 100644
--- a/include/qemu/sockets.h
+++ b/include/qemu/sockets.h
@@ -53,7 +53,7 @@ int recv_all(int fd, void *buf, int len1, bool single_read);
 /* callback function for nonblocking connect
  * valid fd on success, negative error code on failure
  */
-typedef void NonBlockingConnectHandler(int fd, Error *errp, void *opaque);
+typedef void 

[Qemu-devel] [PULL 28/41] error: Use error_prepend() where it makes obvious sense

[Markus Armbruster]

Done with this Coccinelle semantic patch

@@
expression FMT, E1, E2;
expression list ARGS;
@@
-error_setg(E1, FMT, ARGS, error_get_pretty(E2));
+error_propagate(E1, E2);/*###*/
+error_prepend(E1, FMT/*@@@*/, ARGS);

followed by manual cleanup, first because I can't figure out how to
make Coccinelle transform strings, and second to get rid of now
superfluous error_propagate().

We now use or propagate the original error whole instead of just its
message obtained with error_get_pretty().  This avoids suppressing its
hint (see commit 50b7b00), but I can't see how the errors touched in
this commit could come with hints.  It also improves the message
printed with _abort when we screw up (see commit 1e9b65b).

Signed-off-by: Markus Armbruster 
Reviewed-by: Eric Blake 
---
 block.c | 19 ---
 block/qcow2.c   |  5 ++---
 block/qed.c |  5 ++---
 hw/block/dataplane/virtio-blk.c |  8 ++--
 hw/scsi/vhost-scsi.c|  6 ++
 hw/usb/bus.c|  6 +++---
 6 files changed, 19 insertions(+), 30 deletions(-)

diff --git a/block.c b/block.c
index b2bdff9..54c37f9 100644
--- a/block.c
+++ b/block.c
@@ -1349,12 +1349,10 @@ int bdrv_open_backing_file(BlockDriverState *bs, QDict 
*parent_options,
 ret = bdrv_open_inherit(_hd,
 *backing_filename ? backing_filename : NULL,
 reference, options, 0, bs, _backing,
-_err);
+errp);
 if (ret < 0) {
 bs->open_flags |= BDRV_O_NO_BACKING;
-error_setg(errp, "Could not open backing file: %s",
-   error_get_pretty(local_err));
-error_free(local_err);
+error_prepend(errp, "Could not open backing file: ");
 goto free_exit;
 }
 
@@ -1460,12 +1458,11 @@ int bdrv_append_temp_snapshot(BlockDriverState *bs, int 
flags, Error **errp)
 opts = qemu_opts_create(bdrv_qcow2.create_opts, NULL, 0,
 _abort);
 qemu_opt_set_number(opts, BLOCK_OPT_SIZE, total_size, _abort);
-ret = bdrv_create(_qcow2, tmp_filename, opts, _err);
+ret = bdrv_create(_qcow2, tmp_filename, opts, errp);
 qemu_opts_del(opts);
 if (ret < 0) {
-error_setg(errp, "Could not create temporary overlay '%s': %s",
-   tmp_filename, error_get_pretty(local_err));
-error_free(local_err);
+error_prepend(errp, "Could not create temporary overlay '%s': ",
+  tmp_filename);
 goto out;
 }
 
@@ -3729,9 +3726,9 @@ bool bdrv_op_is_blocked(BlockDriverState *bs, BlockOpType 
op, Error **errp)
 if (!QLIST_EMPTY(>op_blockers[op])) {
 blocker = QLIST_FIRST(>op_blockers[op]);
 if (errp) {
-error_setg(errp, "Node '%s' is busy: %s",
-   bdrv_get_device_or_node_name(bs),
-   error_get_pretty(blocker->reason));
+*errp = error_copy(blocker->reason);
+error_prepend(errp, "Node '%s' is busy: ",
+  bdrv_get_device_or_node_name(bs));
 }
 return true;
 }
diff --git a/block/qcow2.c b/block/qcow2.c
index 1789af4..d992e7f 100644
--- a/block/qcow2.c
+++ b/block/qcow2.c
@@ -1762,9 +1762,8 @@ static void qcow2_invalidate_cache(BlockDriverState *bs, 
Error **errp)
 ret = qcow2_open(bs, options, flags, _err);
 QDECREF(options);
 if (local_err) {
-error_setg(errp, "Could not reopen qcow2 layer: %s",
-   error_get_pretty(local_err));
-error_free(local_err);
+error_propagate(errp, local_err);
+error_prepend(errp, "Could not reopen qcow2 layer: ");
 return;
 } else if (ret < 0) {
 error_setg_errno(errp, -ret, "Could not reopen qcow2 layer");
diff --git a/block/qed.c b/block/qed.c
index 9b88895..31f4cc9 100644
--- a/block/qed.c
+++ b/block/qed.c
@@ -1611,9 +1611,8 @@ static void bdrv_qed_invalidate_cache(BlockDriverState 
*bs, Error **errp)
 memset(s, 0, sizeof(BDRVQEDState));
 ret = bdrv_qed_open(bs, NULL, bs->open_flags, _err);
 if (local_err) {
-error_setg(errp, "Could not reopen qed layer: %s",
-   error_get_pretty(local_err));
-error_free(local_err);
+error_propagate(errp, local_err);
+error_prepend(errp, "Could not reopen qed layer: ");
 return;
 } else if (ret < 0) {
 error_setg_errno(errp, -ret, "Could not reopen qed layer");
diff --git a/hw/block/dataplane/virtio-blk.c b/hw/block/dataplane/virtio-blk.c
index a2529b2..b8ce6cd 100644
--- a/hw/block/dataplane/virtio-blk.c
+++ b/hw/block/dataplane/virtio-blk.c
@@ -142,7 +142,6 @@ void virtio_blk_data_plane_create(VirtIODevice *vdev, 
VirtIOBlkConf *conf,
   Error **errp)
 {
 VirtIOBlockDataPlane *s;
-Error *local_err 

Re: [Qemu-devel] [PATCH v5 0/6] i386: expose floppy-related objects in SSDT

[Roman Kagan]

On Wed, Jan 13, 2016 at 03:36:18PM +0100, Laszlo Ersek wrote:
> On 12/30/15 21:11, Roman Kagan wrote:
> > Windows on UEFI systems is only capable of detecting the presence and
> > the type of floppy drives via corresponding ACPI objects.
> 
> I'm late to the party, but please allow me a question:
> 
> how did you figure out that UEFI Windows requires this?
> 
> In general, what the ACPI specification says is at best a "guideline"
> for Windows. So how did you prove this was a requirement for Windows?

Well, my statement above that Windows on UEFI can detect floppies *only*
via ACPI is probably a bit stronger than I can actually prove but

- Windows on OVMF didn't see floppies before the patch, while Linux did
  (by querying CMOS)

- a number of sources on the internet hinted that Windows needed ACPI
  assistance for that, e.g.:

  https://www.reactos.org/wiki/UEFI#Floppy
  
https://social.technet.microsoft.com/Forums/windows/en-US/f17db175-d146-4518-b2e9-c12a15031222/legacy-floppy-compatibility-with-uefi-boot?forum=w7itprohardware
  
https://social.technet.microsoft.com/Forums/windows/en-US/e91ec27b-0c2d-44a3-b949-e77fa810a4c0/windows-7-uefi-fdd-how-to?forum=w7itprohardware

- the links mentioned the need in _FDE object but indicated it only
  allowed for successful enumeration of floppies, not the actual access;
  I proved that experimentally

- the ACPI spec stated that _FDE went in concert with _FDI so I tried it
  and it worked out

Voila.  Besides, I later discovered that a similar research had been
carried out for Parallels proprietary hypervisor, with a similar
outcome.

Roman.

[Qemu-devel] [PULL 32/41] error: Strip trailing '\n' from error string arguments (again)

[Markus Armbruster]

Commit 6daf194d, be62a2eb and 312fd5f got rid of a bunch, but they
keep coming back.  Tracked down with the Coccinelle semantic patch
from commit 312fd5f.

Cc: Fam Zheng 
Cc: Peter Crosthwaite 
Cc: Bharata B Rao 
Cc: Dominik Dingel 
Cc: David Hildenbrand 
Cc: Jason J. Herne 
Cc: Stefan Berger 
Cc: Dr. David Alan Gilbert 
Cc: Changchun Ouyang 
Cc: zhanghailiang 
Cc: Pavel Fedin 
Signed-off-by: Markus Armbruster 
Reviewed-by: Dr. David Alan Gilbert 
Acked-by: Cornelia Huck 
Acked-by: Bharata B Rao 
Acked-by: Fam Zheng 
Signed-off-by: Markus Armbruster 
Reviewed-by: Eric Blake 
Message-Id: <1450452927-8346-17-git-send-email-arm...@redhat.com>
---
 block/vmdk.c  |  4 ++--
 hw/arm/xlnx-zynqmp.c  |  2 +-
 hw/ppc/spapr.c|  3 ++-
 hw/s390x/ipl.c|  8 
 hw/s390x/s390-skeys-kvm.c |  2 +-
 hw/s390x/s390-skeys.c | 16 
 hw/tpm/tpm_tis.c  |  2 +-
 migration/ram.c   |  2 +-
 migration/savevm.c|  4 ++--
 net/vhost-user.c  |  6 +++---
 qemu-nbd.c|  4 ++--
 qga/commands-posix.c  |  2 +-
 target-arm/cpu.c  |  2 +-
 target-arm/machine.c  |  4 ++--
 14 files changed, 31 insertions(+), 30 deletions(-)

diff --git a/block/vmdk.c b/block/vmdk.c
index 6f819e4..b4a224e 100644
--- a/block/vmdk.c
+++ b/block/vmdk.c
@@ -1494,8 +1494,8 @@ static int vmdk_write(BlockDriverState *bs, int64_t 
sector_num,
 
 if (sector_num > bs->total_sectors) {
 error_report("Wrong offset: sector_num=0x%" PRIx64
-" total_sectors=0x%" PRIx64 "\n",
-sector_num, bs->total_sectors);
+ " total_sectors=0x%" PRIx64,
+ sector_num, bs->total_sectors);
 return -EIO;
 }
 
diff --git a/hw/arm/xlnx-zynqmp.c b/hw/arm/xlnx-zynqmp.c
index 87553bb..20a3b2b 100644
--- a/hw/arm/xlnx-zynqmp.c
+++ b/hw/arm/xlnx-zynqmp.c
@@ -227,7 +227,7 @@ static void xlnx_zynqmp_realize(DeviceState *dev, Error 
**errp)
 }
 
 if (!s->boot_cpu_ptr) {
-error_setg(errp, "ZynqMP Boot cpu %s not found\n", boot_cpu);
+error_setg(errp, "ZynqMP Boot cpu %s not found", boot_cpu);
 return;
 }
 
diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c
index 091cdb1..50e5a26 100644
--- a/hw/ppc/spapr.c
+++ b/hw/ppc/spapr.c
@@ -1836,7 +1836,8 @@ static void ppc_spapr_init(MachineState *machine)
 ram_addr_t hotplug_mem_size = machine->maxram_size - machine->ram_size;
 
 if (machine->ram_slots > SPAPR_MAX_RAM_SLOTS) {
-error_report("Specified number of memory slots %"PRIu64" exceeds 
max supported %d\n",
+error_report("Specified number of memory slots %" PRIu64
+ " exceeds max supported %d",
  machine->ram_slots, SPAPR_MAX_RAM_SLOTS);
 exit(EXIT_FAILURE);
 }
diff --git a/hw/s390x/ipl.c b/hw/s390x/ipl.c
index b91fcc6..e100428 100644
--- a/hw/s390x/ipl.c
+++ b/hw/s390x/ipl.c
@@ -94,7 +94,7 @@ static void s390_ipl_realize(DeviceState *dev, Error **errp)
 
 bios_filename = qemu_find_file(QEMU_FILE_TYPE_BIOS, bios_name);
 if (bios_filename == NULL) {
-error_setg(_err, "could not find stage1 bootloader\n");
+error_setg(_err, "could not find stage1 bootloader");
 goto error;
 }
 
@@ -113,7 +113,7 @@ static void s390_ipl_realize(DeviceState *dev, Error **errp)
 g_free(bios_filename);
 
 if (bios_size == -1) {
-error_setg(_err, "could not load bootloader '%s'\n", bios_name);
+error_setg(_err, "could not load bootloader '%s'", bios_name);
 goto error;
 }
 
@@ -128,7 +128,7 @@ static void s390_ipl_realize(DeviceState *dev, Error **errp)
 kernel_size = load_image_targphys(ipl->kernel, 0, ram_size);
 }
 if (kernel_size < 0) {
-error_setg(_err, "could not load kernel '%s'\n", ipl->kernel);
+error_setg(_err, "could not load kernel '%s'", ipl->kernel);
 goto error;
 }
 /*
@@ -156,7 +156,7 @@ static void s390_ipl_realize(DeviceState *dev, Error **errp)
 initrd_size = load_image_targphys(ipl->initrd, initrd_offset,
   ram_size - initrd_offset);
 if (initrd_size == -1) {
-error_setg(_err, "could not load initrd '%s'\n", 
ipl->initrd);
+error_setg(_err, "could not load initrd '%s'", ipl->initrd);
 goto error;
 }
 
diff --git 

[Qemu-devel] [PULL 16/41] xen-hvm: Mark inappropriate error handling FIXME

[Markus Armbruster]

Cc: Stefano Stabellini 
Cc: xen-de...@lists.xensource.com
Signed-off-by: Markus Armbruster 
Message-Id: <1450370121-5768-14-git-send-email-arm...@redhat.com>
---
 xen-hvm.c | 7 +++
 1 file changed, 7 insertions(+)

diff --git a/xen-hvm.c b/xen-hvm.c
index 3d78a0c..2a93390 100644
--- a/xen-hvm.c
+++ b/xen-hvm.c
@@ -240,6 +240,7 @@ static void xen_ram_init(PCMachineState *pcms,
 
 void xen_ram_alloc(ram_addr_t ram_addr, ram_addr_t size, MemoryRegion *mr)
 {
+/* FIXME caller ram_block_add() wants error_setg() on failure */
 unsigned long nr_pfn;
 xen_pfn_t *pfn_list;
 int i;
@@ -1192,6 +1193,12 @@ static void xen_wakeup_notifier(Notifier *notifier, void 
*data)
 int xen_hvm_init(PCMachineState *pcms,
  MemoryRegion **ram_memory)
 {
+/*
+ * FIXME Returns -1 without cleaning up on some errors (harmless
+ * as long as the caller exit()s on error), dies with hw_error()
+ * on others.  hw_error() isn't approprate here.  Should probably
+ * simply exit() on all errors.
+ */
 int i, rc;
 xen_pfn_t ioreq_pfn;
 xen_pfn_t bufioreq_pfn;
-- 
2.4.3

[Qemu-devel] [PULL 04/41] hw: Don't use hw_error() for machine initialization errors

[Markus Armbruster]

Printing CPU registers is not helpful during machine initialization.
Moreover, these are straightforward configuration or "can get
resources" errors, so dumping core isn't appropriate either.  Replace
hw_error() by error_report(); exit(1).  Matches how we report these
errors in other machine initializations.

Cc: Richard Henderson 
Cc: qemu-...@nongnu.org
Cc: qemu-...@nongnu.org
Cc: Guan Xuetao 
Signed-off-by: Markus Armbruster 
Reviewed-by: Peter Maydell 
Reviewed-by: Thomas Huth 
Message-Id: <1450370121-5768-2-git-send-email-arm...@redhat.com>
Reviewed-by: Richard Henderson 
---
 hw/alpha/dp264.c  | 11 ++-
 hw/arm/highbank.c |  6 --
 hw/char/exynos4210_uart.c |  9 ++---
 hw/m68k/an5206.c  |  4 +++-
 hw/ppc/mac_newworld.c | 11 ++-
 hw/ppc/mac_oldworld.c | 16 +---
 hw/ppc/prep.c | 11 +++
 hw/unicore32/puv3.c   | 10 +++---
 8 files changed, 48 insertions(+), 30 deletions(-)

diff --git a/hw/alpha/dp264.c b/hw/alpha/dp264.c
index 27bdaa1..38b85ba 100644
--- a/hw/alpha/dp264.c
+++ b/hw/alpha/dp264.c
@@ -11,6 +11,7 @@
 #include "hw/loader.h"
 #include "hw/boards.h"
 #include "alpha_sys.h"
+#include "qemu/error-report.h"
 #include "sysemu/sysemu.h"
 #include "hw/timer/mc146818rtc.h"
 #include "hw/ide.h"
@@ -104,14 +105,14 @@ static void clipper_init(MachineState *machine)
 palcode_filename = qemu_find_file(QEMU_FILE_TYPE_BIOS,
 bios_name ? bios_name : "palcode-clipper");
 if (palcode_filename == NULL) {
-hw_error("no palcode provided\n");
+error_report("no palcode provided");
 exit(1);
 }
 size = load_elf(palcode_filename, cpu_alpha_superpage_to_phys,
 NULL, _entry, _low, _high,
 0, EM_ALPHA, 0);
 if (size < 0) {
-hw_error("could not load palcode '%s'\n", palcode_filename);
+error_report("could not load palcode '%s'", palcode_filename);
 exit(1);
 }
 g_free(palcode_filename);
@@ -131,7 +132,7 @@ static void clipper_init(MachineState *machine)
 NULL, _entry, _low, _high,
 0, EM_ALPHA, 0);
 if (size < 0) {
-hw_error("could not load kernel '%s'\n", kernel_filename);
+error_report("could not load kernel '%s'", kernel_filename);
 exit(1);
 }
 
@@ -148,8 +149,8 @@ static void clipper_init(MachineState *machine)
 
 initrd_size = get_image_size(initrd_filename);
 if (initrd_size < 0) {
-hw_error("could not load initial ram disk '%s'\n",
- initrd_filename);
+error_report("could not load initial ram disk '%s'",
+ initrd_filename);
 exit(1);
 }
 
diff --git a/hw/arm/highbank.c b/hw/arm/highbank.c
index a0a5a06..cb9926e 100644
--- a/hw/arm/highbank.c
+++ b/hw/arm/highbank.c
@@ -315,11 +315,13 @@ static void calxeda_init(MachineState *machine, enum 
cxmachines machine_id)
 sysboot_filename = qemu_find_file(QEMU_FILE_TYPE_BIOS, bios_name);
 if (sysboot_filename != NULL) {
 if (load_image_targphys(sysboot_filename, 0xfff88000, 0x8000) < 0) 
{
-hw_error("Unable to load %s\n", bios_name);
+error_report("Unable to load %s", bios_name);
+exit(1);
 }
 g_free(sysboot_filename);
 } else {
-   hw_error("Unable to find %s\n", bios_name);
+error_report("Unable to find %s", bios_name);
+exit(1);
 }
 }
 
diff --git a/hw/char/exynos4210_uart.c b/hw/char/exynos4210_uart.c
index 215f962..2736b37 100644
--- a/hw/char/exynos4210_uart.c
+++ b/hw/char/exynos4210_uart.c
@@ -20,6 +20,7 @@
  */
 
 #include "hw/sysbus.h"
+#include "qemu/error-report.h"
 #include "sysemu/sysemu.h"
 #include "sysemu/char.h"
 
@@ -595,15 +596,17 @@ DeviceState *exynos4210_uart_create(hwaddr addr,
 
 if (!chr) {
 if (channel >= MAX_SERIAL_PORTS) {
-hw_error("Only %d serial ports are supported by QEMU.\n",
- MAX_SERIAL_PORTS);
+error_report("Only %d serial ports are supported by QEMU",
+ MAX_SERIAL_PORTS);
+exit(1);
 }
 chr = serial_hds[channel];
 if (!chr) {
 snprintf(label, ARRAY_SIZE(label), "%s%d", chr_name, channel);
 chr = qemu_chr_new(label, "null", NULL);
 if (!(chr)) {
-hw_error("Can't assign serial port to UART%d.\n", channel);
+error_report("Can't assign serial port to UART%d", channel);
+exit(1);
 }
 }
 }
diff --git a/hw/m68k/an5206.c b/hw/m68k/an5206.c
index c1dea17..8d9ccaa 100644
--- 

[Qemu-devel] [PULL 27/41] error: Use error_reportf_err() where it makes obvious sense

[Markus Armbruster]

Done with this Coccinelle semantic patch

@@
expression FMT, E, S;
expression list ARGS;
@@
-error_report(FMT, ARGS, error_get_pretty(E));
+error_reportf_err(E, FMT/*@@@*/, ARGS);
(
-error_free(E);
|
 exit(S);
|
 abort();
)

followed by a replace of '%s"/*@@@*/' by '"' and some line rewrapping,
because I can't figure out how to make Coccinelle transform strings.

We now use the error whole instead of just its message obtained with
error_get_pretty().  This avoids suppressing its hint (see commit
50b7b00), but I can't see how the errors touched in this commit could
come with hints.

Signed-off-by: Markus Armbruster 
Message-Id: <1450452927-8346-12-git-send-email-arm...@redhat.com>
Reviewed-by: Eric Blake 
---
 arch_init.c   |  4 +---
 block/sheepdog.c  |  5 ++---
 blockdev.c| 12 +---
 hw/arm/cubieboard.c   |  9 -
 hw/arm/digic_boards.c |  3 +--
 hw/core/qdev-properties.c |  6 ++
 hw/core/qdev.c|  5 ++---
 hw/i386/pc.c  |  5 ++---
 hw/ppc/e500.c |  4 ++--
 hw/usb/bus.c  |  5 ++---
 qemu-img.c| 33 +
 qemu-nbd.c| 11 +--
 replay/replay.c   |  3 +--
 tests/test-aio.c  |  4 +---
 tests/test-thread-pool.c  |  4 +---
 ui/vnc.c  |  4 +---
 vl.c  |  6 ++
 17 files changed, 47 insertions(+), 76 deletions(-)

diff --git a/arch_init.c b/arch_init.c
index 38f5fb9..d1383b3 100644
--- a/arch_init.c
+++ b/arch_init.c
@@ -258,9 +258,7 @@ void do_acpitable_option(const QemuOpts *opts)
 
 acpi_table_add(opts, );
 if (err) {
-error_report("Wrong acpi table provided: %s",
- error_get_pretty(err));
-error_free(err);
+error_reportf_err(err, "Wrong acpi table provided: ");
 exit(1);
 }
 #endif
diff --git a/block/sheepdog.c b/block/sheepdog.c
index dd8301b..6986be8 100644
--- a/block/sheepdog.c
+++ b/block/sheepdog.c
@@ -2405,9 +2405,8 @@ static int sd_snapshot_create(BlockDriverState *bs, 
QEMUSnapshotInfo *sn_info)
 
 ret = do_sd_create(s, _vid, 1, _err);
 if (ret < 0) {
-error_report("failed to create inode for snapshot: %s",
- error_get_pretty(local_err));
-error_free(local_err);
+error_reportf_err(local_err,
+  "failed to create inode for snapshot: ");
 goto cleanup;
 }
 
diff --git a/blockdev.c b/blockdev.c
index 2df0c6d..1392fff 100644
--- a/blockdev.c
+++ b/blockdev.c
@@ -1582,13 +1582,11 @@ static void internal_snapshot_abort(BlkActionState 
*common)
 }
 
 if (bdrv_snapshot_delete(bs, sn->id_str, sn->name, _error) < 0) {
-error_report("Failed to delete snapshot with id '%s' and name '%s' on "
- "device '%s' in abort: %s",
- sn->id_str,
- sn->name,
- bdrv_get_device_name(bs),
- error_get_pretty(local_error));
-error_free(local_error);
+error_reportf_err(local_error,
+  "Failed to delete snapshot with id '%s' and "
+  "name '%s' on device '%s' in abort: ",
+  sn->id_str, sn->name,
+  bdrv_get_device_name(bs));
 }
 }
 
diff --git a/hw/arm/cubieboard.c b/hw/arm/cubieboard.c
index bf068cd..a71e43c 100644
--- a/hw/arm/cubieboard.c
+++ b/hw/arm/cubieboard.c
@@ -39,27 +39,26 @@ static void cubieboard_init(MachineState *machine)
 
 object_property_set_int(OBJECT(>a10->emac), 1, "phy-addr", );
 if (err != NULL) {
-error_report("Couldn't set phy address: %s", error_get_pretty(err));
+error_reportf_err(err, "Couldn't set phy address: ");
 exit(1);
 }
 
 object_property_set_int(OBJECT(>a10->timer), 32768, "clk0-freq", );
 if (err != NULL) {
-error_report("Couldn't set clk0 frequency: %s", error_get_pretty(err));
+error_reportf_err(err, "Couldn't set clk0 frequency: ");
 exit(1);
 }
 
 object_property_set_int(OBJECT(>a10->timer), 2400, "clk1-freq",
 );
 if (err != NULL) {
-error_report("Couldn't set clk1 frequency: %s", error_get_pretty(err));
+error_reportf_err(err, "Couldn't set clk1 frequency: ");
 exit(1);
 }
 
 object_property_set_bool(OBJECT(s->a10), true, "realized", );
 if (err != NULL) {
-error_report("Couldn't realize Allwinner A10: %s",
- error_get_pretty(err));
+error_reportf_err(err, "Couldn't realize Allwinner A10: ");
 exit(1);
 }
 
diff --git a/hw/arm/digic_boards.c b/hw/arm/digic_boards.c
index 710045a..dfaed25 100644
--- a/hw/arm/digic_boards.c
+++ b/hw/arm/digic_boards.c
@@ -64,8 +64,7 @@ static void 

Re: [Qemu-devel] usb-storage assertions

[Gerd Hoffmann]

On Di, 2016-01-12 at 14:56 +, Daniel P. Berrange wrote:
> On Tue, Jan 12, 2016 at 03:36:40PM +0100, Kevin Wolf wrote:
> > Am 12.01.2016 um 15:17 hat Gerd Hoffmann geschrieben:
> > > On Sa, 2016-01-09 at 20:34 +0300, Andrey Korolyov wrote:
> > > > Hello,
> > > > 
> > > > during regular operations within linux guest with USB EHCI frontend I
> > > > am seeing process crashes with an assert during regular operations
> > > > like dpkg install:
> > > > 
> > > > hw/usb/dev-storage.c:334: usb_msd_handle_reset: Assertion `s->req ==
> > > > ((void *)0)' failed.

> >   
> > 1000
> > 40
> > 10
> >   

> Yes, that works with QEMU and will map through to the -drive I/O
> tuning parameters.

Works, successfully slowing down things to the point that a git clone of
a linux kernel source tree from another machine in the same lan takes
hours instead of minutes.

That doesn't seem to be enough to trigger the asserts though :(
Things are very slow but rock solid ...

cheers,
  Gerd

[Qemu-devel] [PULL 03/41] hw: Inline the qdev_prop_set_drive_nofail() wrapper

[Markus Armbruster]

Signed-off-by: Markus Armbruster 
Message-Id: <1449764955-10741-3-git-send-email-arm...@redhat.com>
Reviewed-by: Peter Maydell 
---
 hw/arm/nseries.c |  4 ++--
 hw/block/fdc.c   | 15 ++-
 hw/block/nand.c  |  2 +-
 hw/core/qdev-properties-system.c |  6 --
 hw/ide/qdev.c|  3 ++-
 hw/isa/pc87312.c |  8 
 hw/ppc/spapr.c   |  3 ++-
 include/hw/qdev-properties.h |  2 --
 8 files changed, 21 insertions(+), 22 deletions(-)

diff --git a/hw/arm/nseries.c b/hw/arm/nseries.c
index 2a8835e..57170ae 100644
--- a/hw/arm/nseries.c
+++ b/hw/arm/nseries.c
@@ -172,8 +172,8 @@ static void n8x0_nand_setup(struct n800_s *s)
 qdev_prop_set_int32(s->nand, "shift", 1);
 dinfo = drive_get(IF_MTD, 0, 0);
 if (dinfo) {
-qdev_prop_set_drive_nofail(s->nand, "drive",
-   blk_by_legacy_dinfo(dinfo));
+qdev_prop_set_drive(s->nand, "drive", blk_by_legacy_dinfo(dinfo),
+_fatal);
 }
 qdev_init_nofail(s->nand);
 sysbus_connect_irq(SYS_BUS_DEVICE(s->nand), 0,
diff --git a/hw/block/fdc.c b/hw/block/fdc.c
index 4292ece..858f5f7 100644
--- a/hw/block/fdc.c
+++ b/hw/block/fdc.c
@@ -2245,10 +2245,12 @@ ISADevice *fdctrl_init_isa(ISABus *bus, DriveInfo **fds)
 dev = DEVICE(isadev);
 
 if (fds[0]) {
-qdev_prop_set_drive_nofail(dev, "driveA", blk_by_legacy_dinfo(fds[0]));
+qdev_prop_set_drive(dev, "driveA", blk_by_legacy_dinfo(fds[0]),
+_fatal);
 }
 if (fds[1]) {
-qdev_prop_set_drive_nofail(dev, "driveB", blk_by_legacy_dinfo(fds[1]));
+qdev_prop_set_drive(dev, "driveB", blk_by_legacy_dinfo(fds[1]),
+_fatal);
 }
 qdev_init_nofail(dev);
 
@@ -2268,10 +2270,12 @@ void fdctrl_init_sysbus(qemu_irq irq, int dma_chann,
 fdctrl = >state;
 fdctrl->dma_chann = dma_chann; /* FIXME */
 if (fds[0]) {
-qdev_prop_set_drive_nofail(dev, "driveA", blk_by_legacy_dinfo(fds[0]));
+qdev_prop_set_drive(dev, "driveA", blk_by_legacy_dinfo(fds[0]),
+_fatal);
 }
 if (fds[1]) {
-qdev_prop_set_drive_nofail(dev, "driveB", blk_by_legacy_dinfo(fds[1]));
+qdev_prop_set_drive(dev, "driveB", blk_by_legacy_dinfo(fds[1]),
+_fatal);
 }
 qdev_init_nofail(dev);
 sbd = SYS_BUS_DEVICE(dev);
@@ -2287,7 +2291,8 @@ void sun4m_fdctrl_init(qemu_irq irq, hwaddr io_base,
 
 dev = qdev_create(NULL, "SUNW,fdtwo");
 if (fds[0]) {
-qdev_prop_set_drive_nofail(dev, "drive", blk_by_legacy_dinfo(fds[0]));
+qdev_prop_set_drive(dev, "drive", blk_by_legacy_dinfo(fds[0]),
+_fatal);
 }
 qdev_init_nofail(dev);
 sys = SYSBUS_FDC(dev);
diff --git a/hw/block/nand.c b/hw/block/nand.c
index f0e3413..478e1a6 100644
--- a/hw/block/nand.c
+++ b/hw/block/nand.c
@@ -635,7 +635,7 @@ DeviceState *nand_init(BlockBackend *blk, int manf_id, int 
chip_id)
 qdev_prop_set_uint8(dev, "manufacturer_id", manf_id);
 qdev_prop_set_uint8(dev, "chip_id", chip_id);
 if (blk) {
-qdev_prop_set_drive_nofail(dev, "drive", blk);
+qdev_prop_set_drive(dev, "drive", blk, _fatal);
 }
 
 qdev_init_nofail(dev);
diff --git a/hw/core/qdev-properties-system.c b/hw/core/qdev-properties-system.c
index d515e99..1589aba 100644
--- a/hw/core/qdev-properties-system.c
+++ b/hw/core/qdev-properties-system.c
@@ -364,12 +364,6 @@ void qdev_prop_set_drive(DeviceState *dev, const char 
*name,
 name, errp);
 }
 
-void qdev_prop_set_drive_nofail(DeviceState *dev, const char *name,
-BlockBackend *value)
-{
-qdev_prop_set_drive(dev, name, value, _fatal);
-}
-
 void qdev_prop_set_chr(DeviceState *dev, const char *name,
CharDriverState *value)
 {
diff --git a/hw/ide/qdev.c b/hw/ide/qdev.c
index 788b361..1f83109 100644
--- a/hw/ide/qdev.c
+++ b/hw/ide/qdev.c
@@ -118,7 +118,8 @@ IDEDevice *ide_create_drive(IDEBus *bus, int unit, 
DriveInfo *drive)
 
 dev = qdev_create(>qbus, drive->media_cd ? "ide-cd" : "ide-hd");
 qdev_prop_set_uint32(dev, "unit", unit);
-qdev_prop_set_drive_nofail(dev, "drive", blk_by_legacy_dinfo(drive));
+qdev_prop_set_drive(dev, "drive", blk_by_legacy_dinfo(drive),
+_fatal);
 qdev_init_nofail(dev);
 return DO_UPCAST(IDEDevice, qdev, dev);
 }
diff --git a/hw/isa/pc87312.c b/hw/isa/pc87312.c
index 3b1fcec..3803065 100644
--- a/hw/isa/pc87312.c
+++ b/hw/isa/pc87312.c
@@ -324,14 +324,14 @@ static void pc87312_realize(DeviceState *dev, Error 
**errp)
 /* FIXME use a qdev drive property instead of drive_get() */
 drive = drive_get(IF_FLOPPY, 0, 0);
 if (drive != NULL) {
-

[Qemu-devel] [PULL 14/41] isa: Clean up inappropriate hw_error()

[Markus Armbruster]

isa_bus_irqs(), isa_create() and isa_try_create() call hw_error() when
passed a null bus.  Use of hw_error() has always been questionable,
because these are used only during machine initialization, and
printing CPU registers isn't useful there.

Since the previous commit, passing a null bus is a programming error.
Drop the hw_error() and simply let it crash.

Cc: Richard Henderson 
Cc: "Michael S. Tsirkin" 
Cc: "Hervé Poussineau" 
Cc: Aurelien Jarno 
Cc: Mark Cave-Ayland 
Signed-off-by: Markus Armbruster 
Reviewed-by: Hervé Poussineau 
Message-Id: <1450354795-31608-12-git-send-email-arm...@redhat.com>
Reviewed-by: Richard Henderson 
---
 hw/isa/isa-bus.c | 11 ---
 1 file changed, 11 deletions(-)

diff --git a/hw/isa/isa-bus.c b/hw/isa/isa-bus.c
index af6ffd6..630054c 100644
--- a/hw/isa/isa-bus.c
+++ b/hw/isa/isa-bus.c
@@ -63,9 +63,6 @@ ISABus *isa_bus_new(DeviceState *dev, MemoryRegion* 
address_space,
 
 void isa_bus_irqs(ISABus *bus, qemu_irq *irqs)
 {
-if (!bus) {
-hw_error("Can't set isa irqs with no isa bus present.");
-}
 bus->irqs = irqs;
 }
 
@@ -137,10 +134,6 @@ ISADevice *isa_create(ISABus *bus, const char *name)
 {
 DeviceState *dev;
 
-if (!bus) {
-hw_error("Tried to create isa device %s with no isa bus present.",
- name);
-}
 dev = qdev_create(BUS(bus), name);
 return ISA_DEVICE(dev);
 }
@@ -149,10 +142,6 @@ ISADevice *isa_try_create(ISABus *bus, const char *name)
 {
 DeviceState *dev;
 
-if (!bus) {
-hw_error("Tried to create isa device %s with no isa bus present.",
- name);
-}
 dev = qdev_try_create(BUS(bus), name);
 return ISA_DEVICE(dev);
 }
-- 
2.4.3

[Qemu-devel] [PULL 22/41] block: Clean up "Could not create temporary overlay" error message

[Markus Armbruster]

bdrv_create() sets an error and returns -errno on failure.  When the
latter is interesting, the error is created with error_setg_errno().

bdrv_append_temp_snapshot() uses the error's message to create a new
one with error_setg_errno().  This adds a strerror() that is either
uninteresting or duplicate.  Use error_setg() instead.

Signed-off-by: Markus Armbruster 
Reviewed-by: Eric Blake 
Message-Id: <1450452927-8346-7-git-send-email-arm...@redhat.com>
---
 block.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/block.c b/block.c
index 01655de..b2bdff9 100644
--- a/block.c
+++ b/block.c
@@ -1463,9 +1463,8 @@ int bdrv_append_temp_snapshot(BlockDriverState *bs, int 
flags, Error **errp)
 ret = bdrv_create(_qcow2, tmp_filename, opts, _err);
 qemu_opts_del(opts);
 if (ret < 0) {
-error_setg_errno(errp, -ret, "Could not create temporary overlay "
- "'%s': %s", tmp_filename,
- error_get_pretty(local_err));
+error_setg(errp, "Could not create temporary overlay '%s': %s",
+   tmp_filename, error_get_pretty(local_err));
 error_free(local_err);
 goto out;
 }
-- 
2.4.3

[Qemu-devel] [PULL 00/41] Error reporting patches for 2016-01-13

[Markus Armbruster]

The following changes since commit 649a1bbaf95adb228f1030ab0618a932bc26aa8b:

  Merge remote-tracking branch 'remotes/kvaneesh/tags/for-upstream-signed' into 
staging (2016-01-12 17:37:22 +)

are available in the git repository at:

  git://repo.or.cz/qemu/armbru.git tags/pull-error-2016-01-13

for you to fetch changes up to 5d596c245d675000ddee69e87616d537ef273be5:

  checkpatch: Detect newlines in error_report and other error functions 
(2016-01-13 15:16:19 +0100)


Error reporting patches for 2016-01-13


Jason J. Herne (1):
  checkpatch: Detect newlines in error_report and other error functions

Markus Armbruster (40):
  error: Document how to accumulate multiple errors
  Use error_fatal to simplify obvious fatal errors
  hw: Inline the qdev_prop_set_drive_nofail() wrapper
  hw: Don't use hw_error() for machine initialization errors
  omap: Don't use hw_error() in device init() methods
  arm_mptimer: Don't use hw_error() in realize() method
  etraxfs_eth: Don't use hw_error() in init() method
  raven: Mark use of hw_error() in realize() FIXME
  error: Don't append a newline when printing the error hint
  hw/arm/virt: Fix property "gic-version" error handling
  sysbus: Don't use hw_error() in machine_init_done_notifiers
  isa: Trivially convert remaining PCI-ISA bridges to realize()
  isa: Clean up error handling around isa_bus_new()
  isa: Clean up inappropriate hw_error()
  audio: Clean up inappropriate and unreachable use of hw_error()
  xen-hvm: Mark inappropriate error handling FIXME
  qemu-nbd: Replace BSDism  by error_report()
  error: Use error_report_err() where appropriate (again)
  error: Use error_report_err() instead of monitor_printf()
  error: Use error_report_err() instead of ad hoc prints
  error: Improve documentation
  block: Clean up "Could not create temporary overlay" error message
  qemu-nbd: Clean up "Failed to load snapshot" error message
  test-throttle: Simplify qemu_init_main_loop() error handling
  error: New error_prepend(), error_reportf_err()
  error: Don't decorate original error message when adding to it
  error: Use error_reportf_err() where it makes obvious sense
  error: Use error_prepend() where it makes obvious sense
  spapr: Use error_reportf_err()
  migration: Use error_reportf_err() instead of monitor_printf()
  qemu-io qemu-nbd: Use error_report() etc. instead of fprintf()
  error: Strip trailing '\n' from error string arguments (again)
  vmdk: Clean up control flow in vmdk_parse_extents() a bit
  vmdk: Clean up "Invalid extent lines" error message
  pci-assign: Clean up "Failed to assign" error messages
  vhdx: Fix "log that needs to be replayed" error message
  error: Clean up errors with embedded newlines (again)
  hw/s390x: Rename local variables Error *l_err to just err
  s390/sclp: Simplify control flow in sclp_realize()
  error: Consistently name Error * objects err, and not errp

 arch_init.c|   4 +-
 audio/audio.c  |  11 +---
 block.c|  20 +++---
 block/qcow2.c  |   5 +-
 block/qed.c|   5 +-
 block/sheepdog.c   |   8 +--
 block/vhdx-log.c   |  13 ++--
 block/vmdk.c   |  50 +--
 blockdev.c |  12 ++--
 contrib/ivshmem-server/main.c  |  10 ++-
 hmp.c  |  61 --
 hw/alpha/dp264.c   |  11 ++--
 hw/alpha/typhoon.c |   3 +-
 hw/arm/cubieboard.c|   9 ++-
 hw/arm/digic_boards.c  |   3 +-
 hw/arm/exynos4210.c|  13 +---
 hw/arm/highbank.c  |  13 ++--
 hw/arm/imx25_pdk.c |   2 +-
 hw/arm/integratorcp.c  |  13 +---
 hw/arm/kzm.c   |   2 +-
 hw/arm/netduino2.c |   2 +-
 hw/arm/nseries.c   |   4 +-
 hw/arm/realview.c  |  20 ++
 hw/arm/versatilepb.c   |  13 +---
 hw/arm/vexpress.c  |   7 +-
 hw/arm/virt.c  |   5 +-
 hw/arm/xilinx_zynq.c   |  28 ++--
 hw/arm/xlnx-ep108.c|   2 +-
 hw/arm/xlnx-zynqmp.c   |   2 +-
 hw/block/dataplane/virtio-blk.c|   8 +--
 hw/block/fdc.c |  15 +++--
 hw/block/nand.c|   2 +-
 hw/char/exynos4210_uart.c  |   9 ++-
 hw/char/serial.c   |  14 +---
 hw/core/nmi.c  |  10 +--
 hw/core/platform-bus.c |  25 
 hw/core/qdev-properties-system.c   |  12 
 hw/core/qdev-properties.c  |   6 +-
 hw/core/qdev.c   

[Qemu-devel] [PULL 10/41] hw/arm/virt: Fix property "gic-version" error handling

[Markus Armbruster]

virt_set_gic_version() calls exit(1) when passed an invalid property
value.  Property setters are not supposed to do that.  Screwed up in
commit b92ad39.  Harmless, because the property belongs to a machine.
Set an error object instead.

Cc: Peter Maydell 
Cc: qemu-...@nongnu.org
Signed-off-by: Markus Armbruster 
Reviewed-by: Peter Maydell 
---
 hw/arm/virt.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/hw/arm/virt.c b/hw/arm/virt.c
index fd52b76..92dcd02 100644
--- a/hw/arm/virt.c
+++ b/hw/arm/virt.c
@@ -1200,9 +1200,8 @@ static void virt_set_gic_version(Object *obj, const char 
*value, Error **errp)
 } else if (!strcmp(value, "host")) {
 vms->gic_version = 0; /* Will probe later */
 } else {
-error_report("Invalid gic-version option value");
-error_printf("Allowed gic-version values are: 3, 2, host\n");
-exit(1);
+error_setg(errp, "Invalid gic-version value");
+error_append_hint(errp, "Valid values are 3, 2, host.\n");
 }
 }
 
-- 
2.4.3

[Qemu-devel] [PULL 19/41] error: Use error_report_err() instead of monitor_printf()

[Markus Armbruster]

Both error_report_err() and monitor_printf() print to the same
destination when monitor_printf() is used correctly, i.e. within an
HMP monitor.  Elsewhere, monitor_printf() does nothing, while
error_report_err() reports to stderr.

Most changed functions are HMP command handlers.  These should only
run within an HMP monitor.  The one exception is bdrv_password_cb(),
which should also only run within an HMP monitor.

Four command handlers prefix the error message with the command name:
balloon, migrate_set_capability, migrate_set_parameter, migrate.
Pointless, drop.

Unlike monitor_printf(), error_report_err() uses the error whole
instead of just its message obtained with error_get_pretty().  This
avoids suppressing its hint (see commit 50b7b00).  Example:

(qemu) device_add ivshmem,id=666
Parameter 'id' expects an identifier
Identifiers consist of letters, digits, '-', '.', '_', starting with a 
letter.
Try "help device_add" for more information

The "Identifiers consist of..." line is new with this patch.

Coccinelle semantic patch:

@@
expression M, E;
@@
-monitor_printf(M, "%s\n", error_get_pretty(E));
-error_free(E);
+error_report_err(E);
@r1@
expression M, E;
format F;
position p;
@@
-monitor_printf(M, "...%@F@\n", error_get_pretty(E));@p
-error_free(E);
+error_report_err(E);
@script:python@
p << r1.p;
@@
print "%s:%s:%s: prefix dropped" % (p[0].file, p[0].line, p[0].column)

Signed-off-by: Markus Armbruster 
Reviewed-by: Eric Blake 
Message-Id: <1450452927-8346-4-git-send-email-arm...@redhat.com>
---
 hmp.c | 29 +
 hw/s390x/s390-skeys.c |  3 +--
 migration/savevm.c|  3 +--
 monitor.c |  6 ++
 4 files changed, 13 insertions(+), 28 deletions(-)

diff --git a/hmp.c b/hmp.c
index c2b2c16..9723397 100644
--- a/hmp.c
+++ b/hmp.c
@@ -41,8 +41,7 @@ static void hmp_handle_error(Monitor *mon, Error **errp)
 {
 assert(errp);
 if (*errp) {
-monitor_printf(mon, "%s\n", error_get_pretty(*errp));
-error_free(*errp);
+error_report_err(*errp);
 }
 }
 
@@ -556,8 +555,7 @@ void hmp_info_vnc(Monitor *mon, const QDict *qdict)
 
 info = qmp_query_vnc();
 if (err) {
-monitor_printf(mon, "%s\n", error_get_pretty(err));
-error_free(err);
+error_report_err(err);
 return;
 }
 
@@ -679,8 +677,7 @@ void hmp_info_balloon(Monitor *mon, const QDict *qdict)
 
 info = qmp_query_balloon();
 if (err) {
-monitor_printf(mon, "%s\n", error_get_pretty(err));
-error_free(err);
+error_report_err(err);
 return;
 }
 
@@ -948,8 +945,7 @@ void hmp_ringbuf_read(Monitor *mon, const QDict *qdict)
 
 data = qmp_ringbuf_read(chardev, size, false, 0, );
 if (err) {
-monitor_printf(mon, "%s\n", error_get_pretty(err));
-error_free(err);
+error_report_err(err);
 return;
 }
 
@@ -1042,8 +1038,7 @@ void hmp_balloon(Monitor *mon, const QDict *qdict)
 
 qmp_balloon(value, );
 if (err) {
-monitor_printf(mon, "balloon: %s\n", error_get_pretty(err));
-error_free(err);
+error_report_err(err);
 }
 }
 
@@ -1191,8 +1186,7 @@ void hmp_migrate_set_cache_size(Monitor *mon, const QDict 
*qdict)
 
 qmp_migrate_set_cache_size(value, );
 if (err) {
-monitor_printf(mon, "%s\n", error_get_pretty(err));
-error_free(err);
+error_report_err(err);
 return;
 }
 }
@@ -1229,9 +1223,7 @@ void hmp_migrate_set_capability(Monitor *mon, const QDict 
*qdict)
 qapi_free_MigrationCapabilityStatusList(caps);
 
 if (err) {
-monitor_printf(mon, "migrate_set_capability: %s\n",
-   error_get_pretty(err));
-error_free(err);
+error_report_err(err);
 }
 }
 
@@ -1281,9 +1273,7 @@ void hmp_migrate_set_parameter(Monitor *mon, const QDict 
*qdict)
 }
 
 if (err) {
-monitor_printf(mon, "migrate_set_parameter: %s\n",
-   error_get_pretty(err));
-error_free(err);
+error_report_err(err);
 }
 }
 
@@ -1544,8 +1534,7 @@ void hmp_migrate(Monitor *mon, const QDict *qdict)
 
 qmp_migrate(uri, !!blk, blk, !!inc, inc, false, false, );
 if (err) {
-monitor_printf(mon, "migrate: %s\n", error_get_pretty(err));
-error_free(err);
+error_report_err(err);
 return;
 }
 
diff --git a/hw/s390x/s390-skeys.c b/hw/s390x/s390-skeys.c
index 539ef6d..4af1558 100644
--- a/hw/s390x/s390-skeys.c
+++ b/hw/s390x/s390-skeys.c
@@ -100,8 +100,7 @@ void hmp_dump_skeys(Monitor *mon, const QDict *qdict)
 
 qmp_dump_skeys(filename, );
 if (err) {
-monitor_printf(mon, "%s\n", error_get_pretty(err));
-error_free(err);
+error_report_err(err);
 }
 }
 
diff --git a/migration/savevm.c 

[Qemu-devel] [PULL 31/41] qemu-io qemu-nbd: Use error_report() etc. instead of fprintf()

[Markus Armbruster]

Just three instances left.

Signed-off-by: Markus Armbruster 
Reviewed-by: Eric Blake 
Message-Id: <1450452927-8346-16-git-send-email-arm...@redhat.com>
---
 qemu-io.c  |  8 +++-
 qemu-nbd.c |  2 +-
 tests/qemu-iotests/059.out |  8 
 tests/qemu-iotests/060.out |  2 +-
 tests/qemu-iotests/069.out |  2 +-
 tests/qemu-iotests/070.out |  2 +-
 tests/qemu-iotests/075.out | 14 +++---
 tests/qemu-iotests/076.out |  6 +++---
 tests/qemu-iotests/078.out | 12 ++--
 tests/qemu-iotests/080.out | 36 ++--
 tests/qemu-iotests/083.out | 34 +-
 tests/qemu-iotests/088.out | 12 ++--
 tests/qemu-iotests/092.out | 24 
 tests/qemu-iotests/103.out |  8 
 tests/qemu-iotests/114.out |  2 +-
 tests/qemu-iotests/116.out | 14 +++---
 tests/qemu-iotests/131.out |  2 +-
 17 files changed, 93 insertions(+), 95 deletions(-)

diff --git a/qemu-io.c b/qemu-io.c
index 269f17c..d47228a 100644
--- a/qemu-io.c
+++ b/qemu-io.c
@@ -57,17 +57,15 @@ static int openfile(char *name, int flags, QDict *opts)
 BlockDriverState *bs;
 
 if (qemuio_blk) {
-fprintf(stderr, "file open already, try 'help close'\n");
+error_report("file open already, try 'help close'");
 QDECREF(opts);
 return 1;
 }
 
 qemuio_blk = blk_new_open("hda", name, NULL, opts, flags, _err);
 if (!qemuio_blk) {
-fprintf(stderr, "%s: can't open%s%s: %s\n", progname,
-name ? " device " : "", name ?: "",
-error_get_pretty(local_err));
-error_free(local_err);
+error_reportf_err(local_err, "can't open%s%s: ",
+  name ? " device " : "", name ?: "");
 return 1;
 }
 
diff --git a/qemu-nbd.c b/qemu-nbd.c
index f9fce4a..99df01f 100644
--- a/qemu-nbd.c
+++ b/qemu-nbd.c
@@ -257,7 +257,7 @@ static void *nbd_client_thread(void *arg)
 fd = open(device, O_RDWR);
 if (fd < 0) {
 /* Linux-only, we can use %m in printf.  */
-fprintf(stderr, "Failed to open %s: %m\n", device);
+error_report("Failed to open %s: %m", device);
 goto out_socket;
 }
 
diff --git a/tests/qemu-iotests/059.out b/tests/qemu-iotests/059.out
index 00057fe..d28df5b 100644
--- a/tests/qemu-iotests/059.out
+++ b/tests/qemu-iotests/059.out
@@ -2,17 +2,17 @@ QA output created by 059
 
 === Testing invalid granularity ===
 Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=67108864
-qemu-io: can't open device TEST_DIR/t.vmdk: Invalid granularity, image may be 
corrupt
+can't open device TEST_DIR/t.vmdk: Invalid granularity, image may be corrupt
 no file open, try 'help open'
 
 === Testing too big L2 table size ===
 Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=67108864
-qemu-io: can't open device TEST_DIR/t.vmdk: L2 table size too big
+can't open device TEST_DIR/t.vmdk: L2 table size too big
 no file open, try 'help open'
 
 === Testing too big L1 table size ===
 Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=67108864
-qemu-io: can't open device TEST_DIR/t.vmdk: L1 size too big
+can't open device TEST_DIR/t.vmdk: L1 size too big
 no file open, try 'help open'
 
 === Testing monolithicFlat creation and opening ===
@@ -2055,7 +2055,7 @@ wrote 512/512 bytes at offset 10240
 
 === Testing monolithicFlat with internally generated JSON file name ===
 Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=67108864 
subformat=monolithicFlat
-qemu-io: can't open: Cannot use relative extent paths with VMDK descriptor 
file 'json:{"image": {"driver": "file", "filename": "TEST_DIR/t.IMGFMT"}, 
"driver": "blkdebug", "inject-error.0.event": "read_aio"}'
+can't open: Cannot use relative extent paths with VMDK descriptor file 
'json:{"image": {"driver": "file", "filename": "TEST_DIR/t.IMGFMT"}, "driver": 
"blkdebug", "inject-error.0.event": "read_aio"}'
 
 === Testing version 3 ===
 image: TEST_DIR/iotest-version3.IMGFMT
diff --git a/tests/qemu-iotests/060.out b/tests/qemu-iotests/060.out
index 7511189..5d40206 100644
--- a/tests/qemu-iotests/060.out
+++ b/tests/qemu-iotests/060.out
@@ -20,7 +20,7 @@ Format specific information:
 lazy refcounts: false
 refcount bits: 16
 corrupt: true
-qemu-io: can't open device TEST_DIR/t.IMGFMT: IMGFMT: Image is corrupt; cannot 
be opened read/write
+can't open device TEST_DIR/t.IMGFMT: IMGFMT: Image is corrupt; cannot be 
opened read/write
 read 512/512 bytes at offset 0
 512 bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
 
diff --git a/tests/qemu-iotests/069.out b/tests/qemu-iotests/069.out
index c78e8c2..f975856 100644
--- a/tests/qemu-iotests/069.out
+++ b/tests/qemu-iotests/069.out
@@ -4,5 +4,5 @@ QA output created by 069
 
 Formatting 'TEST_DIR/t.IMGFMT.base', fmt=IMGFMT size=131072
 Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=131072 
backing_file=TEST_DIR/t.IMGFMT.base
-qemu-io: can't open device 

Re: [Qemu-devel] [PATCH 0/6] Get rid of confusing softfloat-specific integer types

[Aurelien Jarno]

On 2016-01-12 12:55, Peter Maydell wrote:
> This patchset removes the confusing softfloat-specific integer
> types int8, uint8, int32, uint32, int64 and uint64, replacing
> them with the standard _t types that they were typedef'd as.
> These frequently got accidentally used outside the softfloat
> code as a simple typo for the standard types (as you can see
> from the various files touched in the diffstat).
> 
> Although there is technically a semantic difference (the
> softfloat types are "at least X bits" whereas the standard
> types are "exactly X bits", the distinction is unlikely to
> make much performance difference and "upgrading" the types to
> use int_fast*_t would require careful code analysis to check we
> weren't accidentally  relying on the type width. It also means
> we might potentially have subtle bugs on only some host platforms,
> which is worth avoiding I think.
> 
> (In particular glibc defines int_fast32_t as a 64 bit type
> on 64 bit systems, which is unlikely to be the most sensible
> type to actually use for performance. I was reading a discussion
> about the _fast_ types from the musl irc channel recently:
> https://gist.github.com/andrewrk/ac66b24a0a202d87cea7
> which suggests that they're in practice not very useful.)

Thanks for doing this change. I hope this time we'll reach a consensus.

> This is admittedly a different decision to the one we made in
> the past for int16/uint16 (commits 94a49d86c536af3, 5aea4c589aa).
> I can do a followup patch which converts our int_fast16_t/uint_fast16_t
> usage to int16_t/uint16_t if people would like.
> (I think the difference is partly that the old int16/uint16 types
> really were bigger than 16 bits so we knew the code was not
> accidentally relying on exactly-16-bitness. Also I have a feeling
> that I was one of those suggesting the _fast_ types, but I have
> changed my mind and think I was wrong back then.) 

Yes please it would be nice if we can use standard consistent type
everywhere.

> I have left the 'flag' type alone. This could reasonably be changed
> to 'bool' if we checked all the uses to make sure they weren't
> accidentally relying on it being an integer type. The type name
> is not such that it will be accidentally used outside softfloat,
> so it's less of an irritant.

Indeed.

> thanks
> -- PMM
> 
> Peter Maydell (6):
>   fpu: Replace int64 typedef with int64_t
>   fpu: Replace uint64 typedef with uint64_t
>   fpu: Replace int32 typedef with int32_t
>   fpu: Replace uint32 typedef with uint32_t
>   fpu: Replace int8 typedef with int8_t
>   fpu: Replace uint8 typedef with uint8_t
> 
>  crypto/secret.c|   2 +-
>  fpu/softfloat-macros.h |  26 +++---
>  fpu/softfloat-specialize.h |   2 +-
>  fpu/softfloat.c| 218 
> ++---
>  hw/i386/pc.c   |   2 +-
>  hw/ipmi/isa_ipmi_bt.c  |   2 +-
>  hw/ipmi/isa_ipmi_kcs.c |   2 +-
>  hw/misc/imx25_ccm.c|   2 +-
>  hw/misc/imx31_ccm.c|   2 +-
>  hw/net/vmware_utils.h  |   2 +-
>  hw/net/vmxnet3.c   |   2 +-
>  hw/ppc/spapr_events.c  |   4 +-
>  include/fpu/softfloat.h|  68 ++
>  include/hw/i386/pc.h   |   2 +-
>  migration/ram.c|   2 +-
>  target-alpha/fpu_helper.c  |   2 +-
>  target-mips/kvm.c  |   4 +-
>  target-mips/msa_helper.c   |  36 
>  target-s390x/kvm.c |   2 +-
>  tests/vhost-user-test.c|   2 +-
>  20 files changed, 187 insertions(+), 197 deletions(-)

So I am happy to give a:

Reviewed-by: Aurelien Jarno 


Regards,
Aurelien

-- 
Aurelien Jarno  GPG: 4096R/1DDD8C9B
aurel...@aurel32.net http://www.aurel32.net

[Qemu-devel] [PULL 02/41] Use error_fatal to simplify obvious fatal errors

[Markus Armbruster]

Done with this Coccinelle semantic patch:

@@
type T;
identifier FUN, RET;
expression list ARGS;
expression ERR, EC;
@@
(
-T RET = FUN(ARGS, );
+T RET = FUN(ARGS, _fatal);
|
-RET = FUN(ARGS, );
+RET = FUN(ARGS, _fatal);
|
-FUN(ARGS, );
+FUN(ARGS, _fatal);
)
-if (ERR != NULL) {
-error_report_err(ERR);
-exit(EC);
-}

This is actually a more elegant version of my initial semantic patch
by courtesy of Eduardo.

It leaves dead Error * variables behind, cleaned up manually.

Cc: qemu-...@nongnu.org
Cc: "Michael S. Tsirkin" 
Cc: Eduardo Habkost 
Cc: Paolo Bonzini 
Signed-off-by: Markus Armbruster 
Reviewed-by: Eduardo Habkost 
---
 hw/arm/exynos4210.c  | 13 ++--
 hw/arm/highbank.c|  7 +--
 hw/arm/integratorcp.c| 13 ++--
 hw/arm/realview.c| 20 ---
 hw/arm/versatilepb.c | 13 ++--
 hw/arm/vexpress.c|  7 +--
 hw/arm/xilinx_zynq.c | 28 ++
 hw/char/serial.c | 14 ++---
 hw/core/qdev-properties-system.c |  8 +---
 hw/i386/pc.c | 14 ++---
 hw/smbios/smbios.c   | 43 +++-
 numa.c   |  8 ++--
 vl.c | 21 +++-
 13 files changed, 35 insertions(+), 174 deletions(-)

diff --git a/hw/arm/exynos4210.c b/hw/arm/exynos4210.c
index d934980..79b7c5a 100644
--- a/hw/arm/exynos4210.c
+++ b/hw/arm/exynos4210.c
@@ -150,27 +150,18 @@ Exynos4210State *exynos4210_init(MemoryRegion *system_mem,
 
 for (n = 0; n < EXYNOS4210_NCPUS; n++) {
 Object *cpuobj = object_new(object_class_get_name(cpu_oc));
-Error *err = NULL;
 
 /* By default A9 CPUs have EL3 enabled.  This board does not currently
  * support EL3 so the CPU EL3 property is disabled before realization.
  */
 if (object_property_find(cpuobj, "has_el3", NULL)) {
-object_property_set_bool(cpuobj, false, "has_el3", );
-if (err) {
-error_report_err(err);
-exit(1);
-}
+object_property_set_bool(cpuobj, false, "has_el3", _fatal);
 }
 
 s->cpu[n] = ARM_CPU(cpuobj);
 object_property_set_int(cpuobj, EXYNOS4210_SMP_PRIVATE_BASE_ADDR,
 "reset-cbar", _abort);
-object_property_set_bool(cpuobj, true, "realized", );
-if (err) {
-error_report_err(err);
-exit(1);
-}
+object_property_set_bool(cpuobj, true, "realized", _fatal);
 }
 
 /*** IRQs ***/
diff --git a/hw/arm/highbank.c b/hw/arm/highbank.c
index 85ae69e..a0a5a06 100644
--- a/hw/arm/highbank.c
+++ b/hw/arm/highbank.c
@@ -279,7 +279,6 @@ static void calxeda_init(MachineState *machine, enum 
cxmachines machine_id)
 ObjectClass *oc = cpu_class_by_name(TYPE_ARM_CPU, cpu_model);
 Object *cpuobj;
 ARMCPU *cpu;
-Error *err = NULL;
 
 cpuobj = object_new(object_class_get_name(oc));
 cpu = ARM_CPU(cpuobj);
@@ -297,11 +296,7 @@ static void calxeda_init(MachineState *machine, enum 
cxmachines machine_id)
 object_property_set_int(cpuobj, MPCORE_PERIPHBASE,
 "reset-cbar", _abort);
 }
-object_property_set_bool(cpuobj, true, "realized", );
-if (err) {
-error_report_err(err);
-exit(1);
-}
+object_property_set_bool(cpuobj, true, "realized", _fatal);
 cpu_irq[n] = qdev_get_gpio_in(DEVICE(cpu), ARM_CPU_IRQ);
 cpu_fiq[n] = qdev_get_gpio_in(DEVICE(cpu), ARM_CPU_FIQ);
 }
diff --git a/hw/arm/integratorcp.c b/hw/arm/integratorcp.c
index 421bde9..96dedce 100644
--- a/hw/arm/integratorcp.c
+++ b/hw/arm/integratorcp.c
@@ -533,7 +533,6 @@ static void integratorcp_init(MachineState *machine)
 qemu_irq pic[32];
 DeviceState *dev, *sic, *icp;
 int i;
-Error *err = NULL;
 
 if (!cpu_model) {
 cpu_model = "arm926";
@@ -552,18 +551,10 @@ static void integratorcp_init(MachineState *machine)
  * realization.
  */
 if (object_property_find(cpuobj, "has_el3", NULL)) {
-object_property_set_bool(cpuobj, false, "has_el3", );
-if (err) {
-error_report_err(err);
-exit(1);
-}
+object_property_set_bool(cpuobj, false, "has_el3", _fatal);
 }
 
-object_property_set_bool(cpuobj, true, "realized", );
-if (err) {
-error_report_err(err);
-exit(1);
-}
+object_property_set_bool(cpuobj, true, "realized", _fatal);
 
 cpu = ARM_CPU(cpuobj);
 
diff --git a/hw/arm/realview.c 

Re: [Qemu-devel] [PATCH] i2c-tiny-usb: add new usb to i2c bridge

[Tim Sander]

Hi
Am Donnerstag, 7. Januar 2016, 02:14:23 schrieb Peter Crosthwaite:
> Patch subject prefix should contain the version number. Use the
> --subject-prefix or -v options to git format-patch.
Ok, i will try to remember this next time.
> 
> On Wed, Jan 6, 2016 at 6:58 AM, Tim Sander  wrote:
> > Version 4 with improvements suggested by Gerd Hoffmann:
> Changelog information should go below the line ...
> 
> > Signed-off-by: Tim Sander 
> 
> Signed-off-by usually at end of the commit message.
> 
> > i2c-tiny-usb is a small usb to i2c bridge:
> >  http://www.harbaum.org/till/i2c_tiny_usb/index.shtml
> > 
> > It is pretty simple and has no usb endpoints just a control.
> > Reasons for adding this device:
> > * Linux device driver available
> > * adding an additional i2c bus via command line e.g.
> > 
> >   -device usb-i2c-tiny,id=i2c-0 -device tmp105,bus=i2c,address=0x50
> > 
> > ---
> 
> ... here.
Ok.

> >  default-configs/usb.mak |   1 +
> >  hw/usb/Makefile.objs|   1 +
> >  hw/usb/dev-i2c-tiny.c   | 320
> >   trace-events   
> >  |  11 ++
> >  4 files changed, 333 insertions(+)
> >  create mode 100644 hw/usb/dev-i2c-tiny.c
> > 
> > diff --git a/default-configs/usb.mak b/default-configs/usb.mak
> > index f4b8568..01d2c9f 100644
> > --- a/default-configs/usb.mak
> > +++ b/default-configs/usb.mak
> > @@ -8,3 +8,4 @@ CONFIG_USB_AUDIO=y
> > 
> >  CONFIG_USB_SERIAL=y
> >  CONFIG_USB_NETWORK=y
> >  CONFIG_USB_BLUETOOTH=y
> > 
> > +CONFIG_USB_I2C_TINY=y
> > diff --git a/hw/usb/Makefile.objs b/hw/usb/Makefile.objs
> > index 8f00fbd..3a4c337 100644
> > --- a/hw/usb/Makefile.objs
> > +++ b/hw/usb/Makefile.objs
> > @@ -20,6 +20,7 @@ common-obj-$(CONFIG_USB_AUDIO)+= dev-audio.o
> > 
> >  common-obj-$(CONFIG_USB_SERIAL)   += dev-serial.o
> >  common-obj-$(CONFIG_USB_NETWORK)  += dev-network.o
> >  common-obj-$(CONFIG_USB_BLUETOOTH)+= dev-bluetooth.o
> > 
> > +common-obj-$(CONFIG_USB_I2C_TINY) += dev-i2c-tiny.o
> > 
> >  ifeq ($(CONFIG_USB_SMARTCARD),y)
> >  common-obj-y  += dev-smartcard-reader.o
> > 
> > diff --git a/hw/usb/dev-i2c-tiny.c b/hw/usb/dev-i2c-tiny.c
> > new file mode 100644
> > index 000..c28d7a5
> > --- /dev/null
> > +++ b/hw/usb/dev-i2c-tiny.c
> > @@ -0,0 +1,320 @@
> > +/*
> > + * I2C tiny usb device emulation
> > + *
> > + * i2c-tiny-usb is a small usb to i2c bridge:
> > + *
> > + * http://www.harbaum.org/till/i2c_tiny_usb/index.shtml
> > + *
> > + * The simulated device is pretty simple and has no usb endpoints.
> > + * There is a Linux device driver available named i2c-tiny-usb.
> > + *
> > + * Below is an example how to use this device from command line:
> > + *  -device usb-i2c-tiny,id=i2c-0 -device tmp105,bus=i2c,address=0x50
> > + *
> > + * Copyright (c) 2015 Tim Sander 
> > + *
> > + * Loosly based on usb dev-serial.c:
> > + * Copyright (c) 2006 CodeSourcery.
> > + * Copyright (c) 2008 Samuel Thibault 
> > + * Written by Paul Brook, reused for FTDI by Samuel Thibault
> > + *
> > + * This code is licensed under the LGPL.
> > + *
> > + */
> > +
> > +#include "trace.h"
> > +#include "qemu-common.h"
> > +#include "qemu/error-report.h"
> > +#include "hw/usb.h"
> > +#include "hw/usb/desc.h"
> > +#include "hw/i2c/i2c.h"
> > +#include "hw/i2c/smbus.h"
> > +#include "sysemu/char.h"
> > +#include "endian.h"
> > +
> > +/* commands from USB, must e.g. match command ids in kernel driver */
> > +#define CMD_ECHO   0
> > +#define CMD_GET_FUNC   1
> > +#define CMD_SET_DELAY  2
> > +#define CMD_GET_STATUS 3
> > +
> > +/* To determine what functionality is present */
> > +#define I2C_FUNC_I2C0x0001
> > +#define I2C_FUNC_10BIT_ADDR 0x0002
> > +#define I2C_FUNC_PROTOCOL_MANGLING  0x0004
> > +#define I2C_FUNC_SMBUS_HWPEC_CALC   0x0008 /* SMBus 2.0
> > */
> > +#define I2C_FUNC_SMBUS_READ_WORD_DATA_PEC   0x0800 /* SMBus 2.0
> > */
> > +#define I2C_FUNC_SMBUS_WRITE_WORD_DATA_PEC  0x1000 /* SMBus 2.0
> > */
> > +#define I2C_FUNC_SMBUS_PROC_CALL_PEC0x2000 /* SMBus 2.0
> > */
> > +#define I2C_FUNC_SMBUS_BLOCK_PROC_CALL_PEC  0x4000 /* SMBus 2.0
> > */
> > +#define I2C_FUNC_SMBUS_BLOCK_PROC_CALL  0x8000 /* SMBus 2.0
> > */
> > +#define I2C_FUNC_SMBUS_QUICK0x0001
> > +#define I2C_FUNC_SMBUS_READ_BYTE0x0002
> > +#define I2C_FUNC_SMBUS_WRITE_BYTE   0x0004
> > +#define I2C_FUNC_SMBUS_READ_BYTE_DATA   0x0008
> > +#define I2C_FUNC_SMBUS_WRITE_BYTE_DATA  0x0010
> > +#define I2C_FUNC_SMBUS_READ_WORD_DATA   0x0020
> > +#define I2C_FUNC_SMBUS_WRITE_WORD_DATA  0x0040
> > +#define I2C_FUNC_SMBUS_PROC_CALL0x0080
> > +#define I2C_FUNC_SMBUS_READ_BLOCK_DATA  

Re: [Qemu-devel] [PATCH v5 0/6] i386: expose floppy-related objects in SSDT

[Laszlo Ersek]

On 01/13/16 16:49, Roman Kagan wrote:
> On Wed, Jan 13, 2016 at 03:36:18PM +0100, Laszlo Ersek wrote:
>> On 12/30/15 21:11, Roman Kagan wrote:
>>> Windows on UEFI systems is only capable of detecting the presence and
>>> the type of floppy drives via corresponding ACPI objects.
>>
>> I'm late to the party, but please allow me a question:
>>
>> how did you figure out that UEFI Windows requires this?
>>
>> In general, what the ACPI specification says is at best a "guideline"
>> for Windows. So how did you prove this was a requirement for Windows?
> 
> Well, my statement above that Windows on UEFI can detect floppies *only*
> via ACPI is probably a bit stronger than I can actually prove but
> 
> - Windows on OVMF didn't see floppies before the patch, while Linux did
>   (by querying CMOS)

Indeed.

https://bugzilla.redhat.com/show_bug.cgi?id=1212317

> 
> - a number of sources on the internet hinted that Windows needed ACPI
>   assistance for that, e.g.:
> 
>   https://www.reactos.org/wiki/UEFI#Floppy
>   
> https://social.technet.microsoft.com/Forums/windows/en-US/f17db175-d146-4518-b2e9-c12a15031222/legacy-floppy-compatibility-with-uefi-boot?forum=w7itprohardware
>   
> https://social.technet.microsoft.com/Forums/windows/en-US/e91ec27b-0c2d-44a3-b949-e77fa810a4c0/windows-7-uefi-fdd-how-to?forum=w7itprohardware

Right, I found these. (The last two anyway.)

I also found technet comments that plainly stated "it would never work".

(Under your first link, I can read as well: "There have been reports
that Windows does not properly support motherboard floppy controllers
when booting from UEFI. The cause is not definitively known though a
couple of pieces of data have emerged, one pointing to an issue with ACPI".)

> - the links mentioned the need in _FDE object but indicated it only
>   allowed for successful enumeration of floppies, not the actual access;
>   I proved that experimentally
> 
> - the ACPI spec stated that _FDE went in concert with _FDI so I tried it
>   and it worked out

Thank you for confirming.

So, improving Windows compat in QEMU remains trial-and-error-based, and
occasionally reverse-engineering-based. Deplorable.

> Voila.  Besides, I later discovered that a similar research had been
> carried out for Parallels proprietary hypervisor, with a similar
> outcome.

That is, large amounts of work are being duplicated between participants
in this industry segment, because Microsoft doesn't give a flying fsck
about documenting their exact platform requirements. (The fact that _FDE
and _FDI are described in the ACPI spec means exactly zilch, because
Microsoft have ignored e.g. DataTableRegion from the same spec, since
ACPI 2.0 -- the year 2000.) I'm quite sure this obscurity is
intentional, and meant to spread uncertainty and waste competitors'
resources.

Whereas they are having a field day whenever they look at open source
components in a hybrid virt stack.

Nothing to see here, move along.

Thanks again.
Laszlo

Re: [Qemu-devel] [Qemu-block] [PATCH 05/10] block: Inactivate BDS when migration completes

[Kevin Wolf]

Am 05.01.2016 um 21:21 hat John Snow geschrieben:
> 
> 
> On 12/22/2015 03:43 PM, Eric Blake wrote:
> > On 12/22/2015 09:46 AM, Kevin Wolf wrote:
> >> So far, live migration with shared storage meant that the image is in a
> >> not-really-ready don't-touch-me state on the destination while the
> >> source is still actively using it, but after completing the migration,
> >> the image was fully opened on both sides. This is bad.
> >>
> >> This patch adds a block driver callback to inactivate images on the
> >> source before completing the migration. Inactivation means that it goes
> >> to a state as if it was just live migrated to the qemu instance on the
> >> source (i.e. BDRV_O_INCOMING is set). You're then supposed to continue
> >> either on the source or on the destination, which takes ownership of the
> >> image.
> >>
> >> A typical migration looks like this now with respect to disk images:
> >>
> >> 1. Destination qemu is started, the image is opened with
> >>BDRV_O_INCOMING. The image is fully opened on the source.
> >>
> >> 2. Migration is about to complete. The source flushes the image and
> >>inactivates it. Now both sides have the image opened with
> >>BDRV_O_INCOMING and are expecting the other side to still modify it.
> > 
> > The name BDRV_O_INCOMING now doesn't quite match semantics on the
> > source, but I don't have any better suggestions.  BDRV_O_LIMITED_USE?
> > BDRV_O_HANDOFF?  At any rate, I fully agree with your logic of locking
> > things down on the source to mark that the destination is about to take
> > over write access to the file.
> > 
> 
> INCOMING is handy as it keeps the code simple, even if it's weird to
> read. Is it worth adding the extra ifs/case statements everywhere to add
> in BDRV_O_HANDOFF? Maybe in the future someone will use BDRV_O_INCOMING
> to mean something more specific (data is incoming, not just in the
> process of being handed off) that could cause problems.
> 
> Maybe even just renaming BDRV_O_INCOMING right now to be BDRV_O_HANDOFF
> would accomplish the semantics we want on both source and destination
> without needing two flags.
> 
> Follow your dreams, Go with what you feel.

How about renaming BDRV_O_INCOMING to BDRV_O_INACTIVE?

Kevin

[Qemu-devel] [PULL 0/9] First set of s390x patches for 2.6

[Cornelia Huck]

The following changes since commit 649a1bbaf95adb228f1030ab0618a932bc26aa8b:

  Merge remote-tracking branch 'remotes/kvaneesh/tags/for-upstream-signed' into 
staging (2016-01-12 17:37:22 +)

are available in the git repository at:

  git://github.com/cohuck/qemu tags/s390x-20160113

for you to fetch changes up to 88bfa2166ac0b14483a2a2c667499bf3617aebf0:

  s390x/pci: return real state during listing PCI (2016-01-13 10:53:42 +0100)


This first round of s390x patches includes:
- new compat machine
- remove the old s390-virtio machine
- fixes and some cleanup



Cornelia Huck (2):
  s390x: add 2.6 compat machine
  s390x/virtio: use qemu_check_nic_model()

Halil Pasic (1):
  virtio-ccw: fix sanity check for vector

Pierre Morel (2):
  s390x: remove s390-virtio machine
  s390x: remove s390-virtio devices

Shmulik Ladkani (1):
  s390: Introduce CCW_COMPAT_2_5

Yi Min Zhao (3):
  s390x/pci: reject some operations to disabled PCI function
  s390x/pci: code cleanup
  s390x/pci: return real state during listing PCI

 hw/s390x/Makefile.objs |   2 +-
 hw/s390x/s390-pci-bus.c|   6 +-
 hw/s390x/s390-pci-bus.h|   1 +
 hw/s390x/s390-pci-inst.c   |  20 +-
 hw/s390x/s390-virtio-bus.c | 758 -
 hw/s390x/s390-virtio-bus.h | 186 ---
 hw/s390x/s390-virtio-ccw.c |  27 +-
 hw/s390x/s390-virtio.c | 168 +-
 hw/s390x/virtio-ccw.c  |   3 +-
 target-s390x/cpu.h |   3 -
 target-s390x/helper.c  |   2 +-
 vl.c   |   7 +-
 12 files changed, 47 insertions(+), 1136 deletions(-)
 delete mode 100644 hw/s390x/s390-virtio-bus.c
 delete mode 100644 hw/s390x/s390-virtio-bus.h

-- 
2.7.0

[Qemu-devel] [PULL 4/9] s390x/pci: reject some operations to disabled PCI function

[Cornelia Huck]

From: Yi Min Zhao 

According to the s390 architecture, any mpcifc, pcilg, pcistg,
pcistb and rpcit instructions issued to disabled PCI functions
are rejected, and the instruction completes by setting condition
code 3. In addition, any DMA and MSIX interruption operations
are ignored.

Signed-off-by: Yi Min Zhao 
Reviewed-by: Cornelia Huck 
Signed-off-by: Cornelia Huck 
---
 hw/s390x/s390-pci-bus.c  |  6 +-
 hw/s390x/s390-pci-bus.h  |  1 +
 hw/s390x/s390-pci-inst.c | 11 +--
 3 files changed, 11 insertions(+), 7 deletions(-)

diff --git a/hw/s390x/s390-pci-bus.c b/hw/s390x/s390-pci-bus.c
index 8de35ff..132588b 100644
--- a/hw/s390x/s390-pci-bus.c
+++ b/hw/s390x/s390-pci-bus.c
@@ -317,7 +317,7 @@ static IOMMUTLBEntry s390_translate_iommu(MemoryRegion 
*iommu, hwaddr addr,
 .perm = IOMMU_NONE,
 };
 
-if (!pbdev->configured || !pbdev->pdev) {
+if (!pbdev->configured || !pbdev->pdev || !(pbdev->fh & FH_ENABLED)) {
 return ret;
 }
 
@@ -428,6 +428,10 @@ static void s390_msi_ctrl_write(void *opaque, hwaddr addr, 
uint64_t data,
 return;
 }
 
+if (!(pbdev->fh & FH_ENABLED)) {
+return;
+}
+
 ind_bit = pbdev->routes.adapter.ind_offset;
 sum_bit = pbdev->routes.adapter.summary_offset;
 
diff --git a/hw/s390x/s390-pci-bus.h b/hw/s390x/s390-pci-bus.h
index 80345da..d8ddb77 100644
--- a/hw/s390x/s390-pci-bus.h
+++ b/hw/s390x/s390-pci-bus.h
@@ -23,6 +23,7 @@
 #define TYPE_S390_PCI_HOST_BRIDGE "s390-pcihost"
 #define FH_VIRT 0x00ff
 #define ENABLE_BIT_OFFSET 31
+#define FH_ENABLED (1 << ENABLE_BIT_OFFSET)
 #define S390_PCIPT_ADAPTER 2
 
 #define S390_PCI_HOST_BRIDGE(obj) \
diff --git a/hw/s390x/s390-pci-inst.c b/hw/s390x/s390-pci-inst.c
index 8c1dc82..df57a7d 100644
--- a/hw/s390x/s390-pci-inst.c
+++ b/hw/s390x/s390-pci-inst.c
@@ -313,7 +313,7 @@ int pcilg_service_call(S390CPU *cpu, uint8_t r1, uint8_t r2)
 offset = env->regs[r2 + 1];
 
 pbdev = s390_pci_find_dev_by_fh(fh);
-if (!pbdev) {
+if (!pbdev || !(pbdev->fh & FH_ENABLED)) {
 DPRINTF("pcilg no pci dev\n");
 setcc(cpu, ZPCI_PCI_LS_INVAL_HANDLE);
 return 0;
@@ -430,7 +430,7 @@ int pcistg_service_call(S390CPU *cpu, uint8_t r1, uint8_t 
r2)
 offset = env->regs[r2 + 1];
 
 pbdev = s390_pci_find_dev_by_fh(fh);
-if (!pbdev) {
+if (!pbdev || !(pbdev->fh & FH_ENABLED)) {
 DPRINTF("pcistg no pci dev\n");
 setcc(cpu, ZPCI_PCI_LS_INVAL_HANDLE);
 return 0;
@@ -521,8 +521,7 @@ int rpcit_service_call(S390CPU *cpu, uint8_t r1, uint8_t r2)
 end = start + env->regs[r2 + 1];
 
 pbdev = s390_pci_find_dev_by_fh(fh);
-
-if (!pbdev) {
+if (!pbdev || !(pbdev->fh & FH_ENABLED)) {
 DPRINTF("rpcit no pci dev\n");
 setcc(cpu, ZPCI_PCI_LS_INVAL_HANDLE);
 goto out;
@@ -586,7 +585,7 @@ int pcistb_service_call(S390CPU *cpu, uint8_t r1, uint8_t 
r3, uint64_t gaddr,
 }
 
 pbdev = s390_pci_find_dev_by_fh(fh);
-if (!pbdev) {
+if (!pbdev || !(pbdev->fh & FH_ENABLED)) {
 DPRINTF("pcistb no pci dev fh 0x%x\n", fh);
 setcc(cpu, ZPCI_PCI_LS_INVAL_HANDLE);
 return 0;
@@ -727,7 +726,7 @@ int mpcifc_service_call(S390CPU *cpu, uint8_t r1, uint64_t 
fiba, uint8_t ar)
 }
 
 pbdev = s390_pci_find_dev_by_fh(fh);
-if (!pbdev) {
+if (!pbdev || !(pbdev->fh & FH_ENABLED)) {
 DPRINTF("mpcifc no pci dev fh 0x%x\n", fh);
 setcc(cpu, ZPCI_PCI_LS_INVAL_HANDLE);
 return 0;
-- 
2.7.0

[Qemu-devel] [PULL 7/9] s390: Introduce CCW_COMPAT_2_5

[Cornelia Huck]

From: Shmulik Ladkani 

In 240240d5 'pc: Add pc-*-2.6 machine classes' HW_COMPAT_2_5 and
PC_COMPAT_2_5 were introduced.

Accordingly, introduce CCW_COMPAT_2_5 that uses HW_COMPAT_2_5.

Signed-off-by: Shmulik Ladkani 
Message-Id: 
<1450899731-19517-1-git-send-email-shmulik.ladk...@ravellosystems.com>
Acked-by: Christian Borntraeger 
Signed-off-by: Cornelia Huck 
---
 hw/s390x/s390-virtio-ccw.c | 9 +
 1 file changed, 9 insertions(+)

diff --git a/hw/s390x/s390-virtio-ccw.c b/hw/s390x/s390-virtio-ccw.c
index 8d7d04b..586ddbb 100644
--- a/hw/s390x/s390-virtio-ccw.c
+++ b/hw/s390x/s390-virtio-ccw.c
@@ -235,7 +235,11 @@ static const TypeInfo ccw_machine_info = {
 },
 };
 
+#define CCW_COMPAT_2_5 \
+HW_COMPAT_2_5
+
 #define CCW_COMPAT_2_4 \
+CCW_COMPAT_2_5 \
 HW_COMPAT_2_4 \
 {\
 .driver   = TYPE_S390_SKEYS,\
@@ -296,8 +300,13 @@ static const TypeInfo ccw_machine_2_4_info = {
 static void ccw_machine_2_5_class_init(ObjectClass *oc, void *data)
 {
 MachineClass *mc = MACHINE_CLASS(oc);
+static GlobalProperty compat_props[] = {
+CCW_COMPAT_2_5
+{ /* end of list */ }
+};
 
 mc->desc = "VirtIO-ccw based S390 machine v2.5";
+mc->compat_props = compat_props;
 }
 
 static const TypeInfo ccw_machine_2_5_info = {
-- 
2.7.0

[Qemu-devel] [PULL 07/41] etraxfs_eth: Don't use hw_error() in init() method

[Markus Armbruster]

Device init() methods aren't supposed to call hw_error(), they should
report the error and fail cleanly.  Do that.

Cc: "Edgar E. Iglesias" 
Signed-off-by: Markus Armbruster 
Reviewed-by: Edgar E. Iglesias 
Message-Id: <1450370121-5768-5-git-send-email-arm...@redhat.com>
---
 hw/net/etraxfs_eth.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/hw/net/etraxfs_eth.c b/hw/net/etraxfs_eth.c
index d600275..b562ac9 100644
--- a/hw/net/etraxfs_eth.c
+++ b/hw/net/etraxfs_eth.c
@@ -26,6 +26,7 @@
 #include "hw/sysbus.h"
 #include "net/net.h"
 #include "hw/cris/etraxfs.h"
+#include "qemu/error-report.h"
 
 #define D(x)
 
@@ -589,7 +590,8 @@ static int fs_eth_init(SysBusDevice *sbd)
 ETRAXFSEthState *s = ETRAX_FS_ETH(dev);
 
 if (!s->dma_out || !s->dma_in) {
-hw_error("Unconnected ETRAX-FS Ethernet MAC.\n");
+error_report("Unconnected ETRAX-FS Ethernet MAC");
+return -1;
 }
 
 s->dma_out->client.push = eth_tx_push;
-- 
2.4.3

[Qemu-devel] [PULL 11/41] sysbus: Don't use hw_error() in machine_init_done_notifiers

[Markus Armbruster]

platform_bus_map_irq() and platform_bus_map_mmio() use hw_error() to
fail.  They run in machine_init_done_notifiers, via
platform_bus_init_notify() and link_sysbus_device().  Printing CPU
registers is not helpful there.

Replace hw_error() by error_report(); exit(1).  If these are
programming errors, it should be replaced by an assertion instead.

While there, observe that both functions always return 0, and
link_sysbus_device() ignores the return value.  Change them to void.

Cc: Alexander Graf 
Signed-off-by: Markus Armbruster 
Reviewed-by: Thomas Huth 
Message-Id: <1450370121-5768-9-git-send-email-arm...@redhat.com>
---
 hw/core/platform-bus.c | 25 -
 1 file changed, 12 insertions(+), 13 deletions(-)

diff --git a/hw/core/platform-bus.c b/hw/core/platform-bus.c
index 70e0518..aa55d01 100644
--- a/hw/core/platform-bus.c
+++ b/hw/core/platform-bus.c
@@ -21,6 +21,7 @@
 
 #include "hw/platform-bus.h"
 #include "exec/address-spaces.h"
+#include "qemu/error-report.h"
 #include "sysemu/sysemu.h"
 
 
@@ -106,31 +107,29 @@ static void plaform_bus_refresh_irqs(PlatformBusDevice 
*pbus)
 pbus->done_gathering = true;
 }
 
-static int platform_bus_map_irq(PlatformBusDevice *pbus, SysBusDevice *sbdev,
-int n)
+static void platform_bus_map_irq(PlatformBusDevice *pbus, SysBusDevice *sbdev,
+ int n)
 {
 int max_irqs = pbus->num_irqs;
 int irqn;
 
 if (sysbus_is_irq_connected(sbdev, n)) {
 /* IRQ is already mapped, nothing to do */
-return 0;
+return;
 }
 
 irqn = find_first_zero_bit(pbus->used_irqs, max_irqs);
 if (irqn >= max_irqs) {
-hw_error("Platform Bus: Can not fit IRQ line");
-return -1;
+error_report("Platform Bus: Can not fit IRQ line");
+exit(1);
 }
 
 set_bit(irqn, pbus->used_irqs);
 sysbus_connect_irq(sbdev, n, pbus->irqs[irqn]);
-
-return 0;
 }
 
-static int platform_bus_map_mmio(PlatformBusDevice *pbus, SysBusDevice *sbdev,
- int n)
+static void platform_bus_map_mmio(PlatformBusDevice *pbus, SysBusDevice *sbdev,
+  int n)
 {
 MemoryRegion *sbdev_mr = sysbus_mmio_get_region(sbdev, n);
 uint64_t size = memory_region_size(sbdev_mr);
@@ -140,7 +139,7 @@ static int platform_bus_map_mmio(PlatformBusDevice *pbus, 
SysBusDevice *sbdev,
 
 if (memory_region_is_mapped(sbdev_mr)) {
 /* Region is already mapped, nothing to do */
-return 0;
+return;
 }
 
 /*
@@ -155,13 +154,13 @@ static int platform_bus_map_mmio(PlatformBusDevice *pbus, 
SysBusDevice *sbdev,
 }
 
 if (!found_region) {
-hw_error("Platform Bus: Can not fit MMIO region of size %"PRIx64, 
size);
+error_report("Platform Bus: Can not fit MMIO region of size %"PRIx64,
+ size);
+exit(1);
 }
 
 /* Map the device's region into our Platform Bus MMIO space */
 memory_region_add_subregion(>mmio, off, sbdev_mr);
-
-return 0;
 }
 
 /*
-- 
2.4.3

[Qemu-devel] [PULL 24/41] test-throttle: Simplify qemu_init_main_loop() error handling

[Markus Armbruster]

The code looks like it tries to check for both qemu_init_main_loop()
and qemu_get_aio_context() failure in one conditional.  In fact,
qemu_get_aio_context() can fail only after qemu_init_main_loop()
failed.

Simplify accordingly: check for qemu_init_main_loop() error directly,
without bothering to improve its error message.  Call
qemu_get_aio_context() only when qemu_get_aio_context() succeeded.  It
can't fail then, so no need to check.

Signed-off-by: Markus Armbruster 
Reviewed-by: Eric Blake 
Message-Id: <1450452927-8346-9-git-send-email-arm...@redhat.com>
---
 tests/test-throttle.c | 15 +--
 1 file changed, 1 insertion(+), 14 deletions(-)

diff --git a/tests/test-throttle.c b/tests/test-throttle.c
index 85c9b6c..a95039f 100644
--- a/tests/test-throttle.c
+++ b/tests/test-throttle.c
@@ -581,21 +581,8 @@ static void test_groups(void)
 
 int main(int argc, char **argv)
 {
-Error *local_error = NULL;
-
-qemu_init_main_loop(_error);
+qemu_init_main_loop(_fatal);
 ctx = qemu_get_aio_context();
-
-if (!ctx) {
-error_report("Failed to create AIO Context: '%s'",
- local_error ? error_get_pretty(local_error) :
- "Failed to initialize the QEMU main loop");
-if (local_error) {
-error_free(local_error);
-}
-exit(1);
-}
-
 bdrv_init();
 
 do {} while (g_main_context_iteration(NULL, false));
-- 
2.4.3

[Qemu-devel] [PULL 05/41] omap: Don't use hw_error() in device init() methods

[Markus Armbruster]

Device init() methods aren't supposed to call hw_error(), they should
report the error and fail cleanly.  Do that.

The errors are all device misconfiguration.  All callers use
qdev_init_nofail(), so this patch merely converts hw_error() crashes
into _abort crashes.  Improvement, because now it crashes closer
to where the misconfiguration bug would be, and a few more bad
examples of hw_error() use are gone.

Cc: Peter Maydell 
Signed-off-by: Markus Armbruster 
Reviewed-by: Peter Maydell 
Message-Id: <1450370121-5768-3-git-send-email-arm...@redhat.com>
---
 hw/gpio/omap_gpio.c | 29 +
 hw/i2c/omap_i2c.c   |  8 ++--
 hw/intc/omap_intc.c | 10 +++---
 3 files changed, 34 insertions(+), 13 deletions(-)

diff --git a/hw/gpio/omap_gpio.c b/hw/gpio/omap_gpio.c
index 3c53898..63d8b42 100644
--- a/hw/gpio/omap_gpio.c
+++ b/hw/gpio/omap_gpio.c
@@ -21,6 +21,7 @@
 #include "hw/hw.h"
 #include "hw/arm/omap.h"
 #include "hw/sysbus.h"
+#include "qemu/error-report.h"
 
 struct omap_gpio_s {
 qemu_irq irq;
@@ -682,7 +683,8 @@ static int omap_gpio_init(SysBusDevice *sbd)
 struct omap_gpif_s *s = OMAP1_GPIO(dev);
 
 if (!s->clk) {
-hw_error("omap-gpio: clk not connected\n");
+error_report("omap-gpio: clk not connected");
+return -1;
 }
 qdev_init_gpio_in(dev, omap_gpio_set, 16);
 qdev_init_gpio_out(dev, s->omap1.handler, 16);
@@ -700,25 +702,35 @@ static int omap2_gpio_init(SysBusDevice *sbd)
 int i;
 
 if (!s->iclk) {
-hw_error("omap2-gpio: iclk not connected\n");
+error_report("omap2-gpio: iclk not connected");
+return -1;
 }
+
+s->modulecount = s->mpu_model < omap2430 ? 4
+   : s->mpu_model < omap3430 ? 5
+   : 6;
+
+for (i = 0; i < s->modulecount; i++) {
+if (!s->fclk[i]) {
+error_report("omap2-gpio: fclk%d not connected", i);
+return -1;
+}
+}
+
 if (s->mpu_model < omap3430) {
-s->modulecount = (s->mpu_model < omap2430) ? 4 : 5;
 memory_region_init_io(>iomem, OBJECT(s), _gpif_top_ops, s,
   "omap2.gpio", 0x1000);
 sysbus_init_mmio(sbd, >iomem);
-} else {
-s->modulecount = 6;
 }
+
 s->modules = g_new0(struct omap2_gpio_s, s->modulecount);
 s->handler = g_new0(qemu_irq, s->modulecount * 32);
 qdev_init_gpio_in(dev, omap2_gpio_set, s->modulecount * 32);
 qdev_init_gpio_out(dev, s->handler, s->modulecount * 32);
+
 for (i = 0; i < s->modulecount; i++) {
 struct omap2_gpio_s *m = >modules[i];
-if (!s->fclk[i]) {
-hw_error("omap2-gpio: fclk%d not connected\n", i);
-}
+
 m->revision = (s->mpu_model < omap3430) ? 0x18 : 0x25;
 m->handler = >handler[i * 32];
 sysbus_init_irq(sbd, >irq[0]); /* mpu irq */
@@ -728,6 +740,7 @@ static int omap2_gpio_init(SysBusDevice *sbd)
   "omap.gpio-module", 0x1000);
 sysbus_init_mmio(sbd, >iomem);
 }
+
 return 0;
 }
 
diff --git a/hw/i2c/omap_i2c.c b/hw/i2c/omap_i2c.c
index b6f544a..8b0b146 100644
--- a/hw/i2c/omap_i2c.c
+++ b/hw/i2c/omap_i2c.c
@@ -20,6 +20,7 @@
 #include "hw/i2c/i2c.h"
 #include "hw/arm/omap.h"
 #include "hw/sysbus.h"
+#include "qemu/error-report.h"
 
 #define TYPE_OMAP_I2C "omap_i2c"
 #define OMAP_I2C(obj) OBJECT_CHECK(OMAPI2CState, (obj), TYPE_OMAP_I2C)
@@ -449,12 +450,15 @@ static int omap_i2c_init(SysBusDevice *sbd)
 OMAPI2CState *s = OMAP_I2C(dev);
 
 if (!s->fclk) {
-hw_error("omap_i2c: fclk not connected\n");
+error_report("omap_i2c: fclk not connected");
+return -1;
 }
 if (s->revision >= OMAP2_INTR_REV && !s->iclk) {
 /* Note that OMAP1 doesn't have a separate interface clock */
-hw_error("omap_i2c: iclk not connected\n");
+error_report("omap_i2c: iclk not connected");
+return -1;
 }
+
 sysbus_init_irq(sbd, >irq);
 sysbus_init_irq(sbd, >drq[0]);
 sysbus_init_irq(sbd, >drq[1]);
diff --git a/hw/intc/omap_intc.c b/hw/intc/omap_intc.c
index e9b38a3..07b6272 100644
--- a/hw/intc/omap_intc.c
+++ b/hw/intc/omap_intc.c
@@ -20,6 +20,7 @@
 #include "hw/hw.h"
 #include "hw/arm/omap.h"
 #include "hw/sysbus.h"
+#include "qemu/error-report.h"
 
 /* Interrupt Handlers */
 struct omap_intr_handler_bank_s {
@@ -367,7 +368,8 @@ static int omap_intc_init(SysBusDevice *sbd)
 struct omap_intr_handler_s *s = OMAP_INTC(dev);
 
 if (!s->iclk) {
-hw_error("omap-intc: clk not connected\n");
+error_report("omap-intc: clk not connected");
+return -1;
 }
 s->nbanks = 1;
 sysbus_init_irq(sbd, >parent_intr[0]);
@@ -608,10 +610,12 @@ static int omap2_intc_init(SysBusDevice *sbd)
 struct omap_intr_handler_s *s = OMAP_INTC(dev);
 
 if (!s->iclk) {
-hw_error("omap2-intc: iclk not connected\n");

[Qemu-devel] [PULL 18/41] error: Use error_report_err() where appropriate (again)

[Markus Armbruster]

Same Coccinelle semantic patch as in commit 565f65d.

We now use the original error whole instead of just its message
obtained with error_get_pretty().  This avoids suppressing its hint
(see commit 50b7b00), but I don't think the errors touched in this
commit can come with hints.

Signed-off-by: Markus Armbruster 
Reviewed-by: Eric Blake 
Message-Id: <1450452927-8346-3-git-send-email-arm...@redhat.com>
---
 block/sheepdog.c| 3 +--
 hw/arm/imx25_pdk.c  | 2 +-
 hw/arm/kzm.c| 2 +-
 hw/arm/netduino2.c  | 2 +-
 hw/arm/xlnx-ep108.c | 2 +-
 hw/ppc/spapr_drc.c  | 6 ++
 qemu-nbd.c  | 2 +-
 vl.c| 2 +-
 8 files changed, 9 insertions(+), 12 deletions(-)

diff --git a/block/sheepdog.c b/block/sheepdog.c
index d80e4ed..dd8301b 100644
--- a/block/sheepdog.c
+++ b/block/sheepdog.c
@@ -1861,8 +1861,7 @@ static int sd_create(const char *filename, QemuOpts *opts,
 
 fd = connect_to_sdog(s, _err);
 if (fd < 0) {
-error_report("%s", error_get_pretty(local_err));
-error_free(local_err);
+error_report_err(local_err);
 ret = -EIO;
 goto out;
 }
diff --git a/hw/arm/imx25_pdk.c b/hw/arm/imx25_pdk.c
index 59a4c11..039f0eb 100644
--- a/hw/arm/imx25_pdk.c
+++ b/hw/arm/imx25_pdk.c
@@ -75,7 +75,7 @@ static void imx25_pdk_init(MachineState *machine)
 
 object_property_set_bool(OBJECT(>soc), true, "realized", );
 if (err != NULL) {
-error_report("%s", error_get_pretty(err));
+error_report_err(err);
 exit(1);
 }
 
diff --git a/hw/arm/kzm.c b/hw/arm/kzm.c
index eff6f46..f4b463a 100644
--- a/hw/arm/kzm.c
+++ b/hw/arm/kzm.c
@@ -74,7 +74,7 @@ static void kzm_init(MachineState *machine)
 
 object_property_set_bool(OBJECT(>soc), true, "realized", );
 if (err != NULL) {
-error_report("%s", error_get_pretty(err));
+error_report_err(err);
 exit(1);
 }
 
diff --git a/hw/arm/netduino2.c b/hw/arm/netduino2.c
index a3b9e82..3ab83a1 100644
--- a/hw/arm/netduino2.c
+++ b/hw/arm/netduino2.c
@@ -38,7 +38,7 @@ static void netduino2_init(MachineState *machine)
 qdev_prop_set_string(dev, "cpu-model", "cortex-m3");
 object_property_set_bool(OBJECT(dev), true, "realized", );
 if (err != NULL) {
-error_report("%s", error_get_pretty(err));
+error_report_err(err);
 exit(1);
 }
 }
diff --git a/hw/arm/xlnx-ep108.c b/hw/arm/xlnx-ep108.c
index 85b978f..73e6087 100644
--- a/hw/arm/xlnx-ep108.c
+++ b/hw/arm/xlnx-ep108.c
@@ -41,7 +41,7 @@ static void xlnx_ep108_init(MachineState *machine)
 
 object_property_set_bool(OBJECT(>soc), true, "realized", );
 if (err) {
-error_report("%s", error_get_pretty(err));
+error_report_err(err);
 exit(1);
 }
 
diff --git a/hw/ppc/spapr_drc.c b/hw/ppc/spapr_drc.c
index 8be62c3..4fb86a6 100644
--- a/hw/ppc/spapr_drc.c
+++ b/hw/ppc/spapr_drc.c
@@ -465,8 +465,7 @@ static void realize(DeviceState *d, Error **errp)
 object_property_add_alias(root_container, link_name,
   drc->owner, child_name, );
 if (err) {
-error_report("%s", error_get_pretty(err));
-error_free(err);
+error_report_err(err);
 object_unref(OBJECT(drc));
 }
 g_free(child_name);
@@ -486,8 +485,7 @@ static void unrealize(DeviceState *d, Error **errp)
 snprintf(name, sizeof(name), "%x", drck->get_index(drc));
 object_property_del(root_container, name, );
 if (err) {
-error_report("%s", error_get_pretty(err));
-error_free(err);
+error_report_err(err);
 object_unref(OBJECT(drc));
 }
 }
diff --git a/qemu-nbd.c b/qemu-nbd.c
index d5c32de..65c0ebd 100644
--- a/qemu-nbd.c
+++ b/qemu-nbd.c
@@ -749,7 +749,7 @@ int main(int argc, char **argv)
 exp = nbd_export_new(blk, dev_offset, fd_size, nbdflags, nbd_export_closed,
  _err);
 if (!exp) {
-error_report("%s", error_get_pretty(local_err));
+error_report_err(local_err);
 exit(EXIT_FAILURE);
 }
 
diff --git a/vl.c b/vl.c
index 6c2add9..7548fa2 100644
--- a/vl.c
+++ b/vl.c
@@ -4553,7 +4553,7 @@ int main(int argc, char **argv, char **envp)
 Error *local_err = NULL;
 qemu_boot_set(boot_once, _err);
 if (local_err) {
-error_report("%s", error_get_pretty(local_err));
+error_report_err(local_err);
 exit(1);
 }
 qemu_register_reset(restore_boot_order, g_strdup(boot_order));
-- 
2.4.3

[Qemu-devel] [PULL 12/41] isa: Trivially convert remaining PCI-ISA bridges to realize()

[Markus Armbruster]

These are "ICH9-LPC" and "ebus".

Cc: "Michael S. Tsirkin" 
Cc: Mark Cave-Ayland 
Signed-off-by: Markus Armbruster 
Reviewed-by: Marcel Apfelbaum 
Reviewed-by: Michael S. Tsirkin 
Message-Id: <1450370121-5768-10-git-send-email-arm...@redhat.com>
---
 hw/isa/lpc_ich9.c  | 5 ++---
 hw/sparc64/sun4u.c | 6 ++
 2 files changed, 4 insertions(+), 7 deletions(-)

diff --git a/hw/isa/lpc_ich9.c b/hw/isa/lpc_ich9.c
index 1ffc803..8e58449 100644
--- a/hw/isa/lpc_ich9.c
+++ b/hw/isa/lpc_ich9.c
@@ -602,7 +602,7 @@ static void ich9_lpc_initfn(Object *obj)
 ich9_lpc_add_properties(lpc);
 }
 
-static int ich9_lpc_init(PCIDevice *d)
+static void ich9_lpc_realize(PCIDevice *d, Error **errp)
 {
 ICH9LPCState *lpc = ICH9_LPC_DEVICE(d);
 ISABus *isa_bus;
@@ -628,7 +628,6 @@ static int ich9_lpc_init(PCIDevice *d)
 memory_region_add_subregion_overlap(pci_address_space_io(d),
 ICH9_RST_CNT_IOPORT, >rst_cnt_mem,
 1);
-return 0;
 }
 
 static void ich9_device_plug_cb(HotplugHandler *hotplug_dev,
@@ -706,7 +705,7 @@ static void ich9_lpc_class_init(ObjectClass *klass, void 
*data)
 
 set_bit(DEVICE_CATEGORY_BRIDGE, dc->categories);
 dc->reset = ich9_lpc_reset;
-k->init = ich9_lpc_init;
+k->realize = ich9_lpc_realize;
 dc->vmsd = _ich9_lpc;
 dc->props = ich9_lpc_properties;
 k->config_write = ich9_lpc_config_write;
diff --git a/hw/sparc64/sun4u.c b/hw/sparc64/sun4u.c
index 7a433d3..8058aac 100644
--- a/hw/sparc64/sun4u.c
+++ b/hw/sparc64/sun4u.c
@@ -600,8 +600,7 @@ pci_ebus_init(PCIBus *bus, int devfn, qemu_irq *irqs)
 return isa_bus;
 }
 
-static int
-pci_ebus_init1(PCIDevice *pci_dev)
+static void pci_ebus_realize(PCIDevice *pci_dev, Error **errp)
 {
 EbusState *s = DO_UPCAST(EbusState, pci_dev, pci_dev);
 
@@ -621,14 +620,13 @@ pci_ebus_init1(PCIDevice *pci_dev)
 memory_region_init_alias(>bar1, OBJECT(s), "bar1", get_system_io(),
  0, 0x4000);
 pci_register_bar(pci_dev, 1, PCI_BASE_ADDRESS_SPACE_IO, >bar1);
-return 0;
 }
 
 static void ebus_class_init(ObjectClass *klass, void *data)
 {
 PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
 
-k->init = pci_ebus_init1;
+k->realize = pci_ebus_realize;
 k->vendor_id = PCI_VENDOR_ID_SUN;
 k->device_id = PCI_DEVICE_ID_SUN_EBUS;
 k->revision = 0x01;
-- 
2.4.3

[Qemu-devel] [PULL 23/41] qemu-nbd: Clean up "Failed to load snapshot" error message

[Markus Armbruster]

bdrv_snapshot_load_tmp() sets an error and returns -errno on failure.
We report both even though the error message is self-contained.  Drop
the redundant strerror().

While there: setting errno right before exit() is pointless, so drop
that, too.

Signed-off-by: Markus Armbruster 
Reviewed-by: Eric Blake 
Message-Id: <1450452927-8346-8-git-send-email-arm...@redhat.com>
---
 qemu-nbd.c | 14 +-
 1 file changed, 5 insertions(+), 9 deletions(-)

diff --git a/qemu-nbd.c b/qemu-nbd.c
index 706552e..b8be3bc 100644
--- a/qemu-nbd.c
+++ b/qemu-nbd.c
@@ -156,8 +156,7 @@ static int find_partition(BlockBackend *blk, int partition,
 int ret;
 
 if ((ret = blk_read(blk, 0, data, 1)) < 0) {
-errno = -ret;
-error_report("error while reading: %s", strerror(errno));
+error_report("error while reading: %s", strerror(-ret));
 exit(EXIT_FAILURE);
 }
 
@@ -178,8 +177,7 @@ static int find_partition(BlockBackend *blk, int partition,
 int j;
 
 if ((ret = blk_read(blk, mbr[i].start_sector_abs, data1, 1)) < 0) {
-errno = -ret;
-error_report("error while reading: %s", strerror(errno));
+error_report("error while reading: %s", strerror(-ret));
 exit(EXIT_FAILURE);
 }
 
@@ -721,9 +719,8 @@ int main(int argc, char **argv)
_err);
 }
 if (ret < 0) {
-errno = -ret;
-error_report("Failed to load snapshot: %s: %s",
- error_get_pretty(local_err), strerror(errno));
+error_report("Failed to load snapshot: %s",
+ error_get_pretty(local_err));
 exit(EXIT_FAILURE);
 }
 
@@ -738,9 +735,8 @@ int main(int argc, char **argv)
 if (partition != -1) {
 ret = find_partition(blk, partition, _offset, _size);
 if (ret < 0) {
-errno = -ret;
 error_report("Could not find partition %d: %s", partition,
- strerror(errno));
+ strerror(-ret));
 exit(EXIT_FAILURE);
 }
 }
-- 
2.4.3

[Qemu-devel] [PULL 34/41] vmdk: Clean up "Invalid extent lines" error message

[Markus Armbruster]

vmdk_parse_extents() reports parse errors like this:

error_setg(errp, "Invalid extent lines:\n%s", p);

where p points to the beginning of the malformed line in the image
descriptor.  This results in a multi-line error message

Invalid extent lines:



Error messages should not have newlines embedded.  Since the remaining
text is not helpful, we can simply report:

Invalid extent line: 

Cc: Fam Zheng 
Signed-off-by: Markus Armbruster 
Reviewed-by: Eric Blake 
Message-Id: <1450452927-8346-19-git-send-email-arm...@redhat.com>
Reviewed-by: Fam Zheng 
---
 block/vmdk.c   | 20 +---
 tests/qemu-iotests/059.out |  4 +---
 2 files changed, 14 insertions(+), 10 deletions(-)

diff --git a/block/vmdk.c b/block/vmdk.c
index 08fa3f3..2b5cb00 100644
--- a/block/vmdk.c
+++ b/block/vmdk.c
@@ -780,7 +780,7 @@ static int vmdk_parse_extents(const char *desc, 
BlockDriverState *bs,
 char access[11];
 char type[11];
 char fname[512];
-const char *p;
+const char *p, *np;
 int64_t sectors = 0;
 int64_t flat_offset;
 char *extent_path;
@@ -805,19 +805,16 @@ static int vmdk_parse_extents(const char *desc, 
BlockDriverState *bs,
 continue;
 } else if (!strcmp(type, "FLAT")) {
 if (matches != 5 || flat_offset < 0) {
-error_setg(errp, "Invalid extent lines: \n%s", p);
-return -EINVAL;
+goto invalid;
 }
 } else if (!strcmp(type, "VMFS")) {
 if (matches == 4) {
 flat_offset = 0;
 } else {
-error_setg(errp, "Invalid extent lines:\n%s", p);
-return -EINVAL;
+goto invalid;
 }
 } else if (matches != 4) {
-error_setg(errp, "Invalid extent lines:\n%s", p);
-return -EINVAL;
+goto invalid;
 }
 
 if (sectors <= 0 ||
@@ -883,6 +880,15 @@ static int vmdk_parse_extents(const char *desc, 
BlockDriverState *bs,
 extent->type = g_strdup(type);
 }
 return 0;
+
+invalid:
+np = next_line(p);
+assert(np != p);
+if (np[-1] == '\n') {
+np--;
+}
+error_setg(errp, "Invalid extent line: %.*s", (int)(np - p), p);
+return -EINVAL;
 }
 
 static int vmdk_open_desc_file(BlockDriverState *bs, int flags, char *buf,
diff --git a/tests/qemu-iotests/059.out b/tests/qemu-iotests/059.out
index d28df5b..9d506cb 100644
--- a/tests/qemu-iotests/059.out
+++ b/tests/qemu-iotests/059.out
@@ -2038,9 +2038,7 @@ Format specific information:
 format: FLAT
 
 === Testing malformed VMFS extent description line ===
-qemu-img: Could not open 'TEST_DIR/t.IMGFMT': Invalid extent lines:
-RW 12582912 VMFS "dummy.IMGFMT" 1
-
+qemu-img: Could not open 'TEST_DIR/t.IMGFMT': Invalid extent line: RW 12582912 
VMFS "dummy.IMGFMT" 1
 
 === Testing truncated sparse ===
 Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=107374182400 
subformat=monolithicSparse
-- 
2.4.3

[Qemu-devel] [PULL 08/41] raven: Mark use of hw_error() in realize() FIXME

[Markus Armbruster]

Device realize() methods aren't supposed to call hw_error(), they
should set an error and fail cleanly.  Blindly doing that would be
easy enough, but then realize() would fail without undoing its side
effects.  Just mark it FIXME for now.

Cc: "Andreas Färber" 
Cc: qemu-...@nongnu.org
Signed-off-by: Markus Armbruster 
Reviewed-by: Thomas Huth 
Message-Id: <1450370121-5768-6-git-send-email-arm...@redhat.com>
---
 hw/pci-host/prep.c | 6 --
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/hw/pci-host/prep.c b/hw/pci-host/prep.c
index da88cb3..f434596 100644
--- a/hw/pci-host/prep.c
+++ b/hw/pci-host/prep.c
@@ -326,6 +326,7 @@ static void raven_realize(PCIDevice *d, Error **errp)
 }
 }
 if (bios_size < 0 || bios_size > BIOS_SIZE) {
+/* FIXME should error_setg() */
 hw_error("qemu: could not load bios image '%s'\n", s->bios_name);
 }
 g_free(filename);
@@ -355,8 +356,9 @@ static void raven_class_init(ObjectClass *klass, void *data)
 dc->desc = "PReP Host Bridge - Motorola Raven";
 dc->vmsd = _raven;
 /*
- * PCI-facing part of the host bridge, not usable without the
- * host-facing part, which can't be device_add'ed, yet.
+ * Reason: PCI-facing part of the host bridge, not usable without
+ * the host-facing part, which can't be device_add'ed, yet.
+ * Reason: realize() method uses hw_error().
  */
 dc->cannot_instantiate_with_device_add_yet = true;
 }
-- 
2.4.3

[Qemu-devel] [PULL 29/41] spapr: Use error_reportf_err()

[Markus Armbruster]

Not caught by Coccinelle, because we report the error only
conditionally here.

Signed-off-by: Markus Armbruster 
Reviewed-by: Eric Blake 
Message-Id: <1450452927-8346-14-git-send-email-arm...@redhat.com>
---
 hw/ppc/spapr.c | 7 ---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c
index 0ca0176..091cdb1 100644
--- a/hw/ppc/spapr.c
+++ b/hw/ppc/spapr.c
@@ -122,10 +122,11 @@ static XICSState *xics_system_init(MachineState *machine,
 icp = try_create_xics(TYPE_KVM_XICS, nr_servers, nr_irqs, );
 }
 if (machine_kernel_irqchip_required(machine) && !icp) {
-error_report("kernel_irqchip requested but unavailable: %s",
- error_get_pretty(err));
+error_reportf_err(err,
+  "kernel_irqchip requested but unavailable: ");
+} else {
+error_free(err);
 }
-error_free(err);
 }
 
 if (!icp) {
-- 
2.4.3

[Qemu-devel] [PULL 41/41] checkpatch: Detect newlines in error_report and other error functions

[Markus Armbruster]

From: "Jason J. Herne" 

We don't want newlines embedded in error messages. This seems to be a common
problem with new code so let's try to catch it with checkpatch.

This will not catch cases where newlines are inserted into the middle of an
existing multi-line statement. But those cases should be rare.

Signed-off-by: Jason J. Herne 
Message-Id: <1449858642-24267-1-git-send-email-jjhe...@linux.vnet.ibm.com>
[Rephrased "Error function text" to "Error messages", dropped
error_vprintf, error_printf, error_printf from $qemu_error_funcs,
because they may legitimately print newlines]
Signed-off-by: Markus Armbruster 
---
 scripts/checkpatch.pl | 36 
 1 file changed, 36 insertions(+)

diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl
index efca817..257126f 100755
--- a/scripts/checkpatch.pl
+++ b/scripts/checkpatch.pl
@@ -2498,6 +2498,42 @@ sub process {
WARN("use QEMU instead of Qemu or QEmu\n" . $herecurr);
}
 
+# Qemu error function tests
+
+   # Find newlines in error messages
+   my $qemu_error_funcs = qr{error_setg|
+   error_setg_errno|
+   error_setg_win32|
+   error_set|
+   error_vreport|
+   error_report}x;
+
+   if ($rawline =~ /\b(?:$qemu_error_funcs)\s*\(\s*\".*\\n/) {
+   WARN("Error messages should not contain newlines\n" . 
$herecurr);
+   }
+
+   # Continue checking for error messages that contains newlines. This
+   # check handles cases where string literals are spread over multiple 
lines.
+   # Example:
+   # error_report("Error msg line #1"
+   #  "Error msg line #2\n");
+   my $quoted_newline_regex = qr{\+\s*\".*\\n.*\"};
+   my $continued_str_literal = qr{\+\s*\".*\"};
+
+   if ($rawline =~ /$quoted_newline_regex/) {
+   # Backtrack to first line that does not contain only a quoted 
literal
+   # and assume that it is the start of the statement.
+   my $i = $linenr - 2;
+
+   while (($i >= 0) & $rawlines[$i] =~ /$continued_str_literal/) {
+   $i--;
+   }
+
+   if ($rawlines[$i] =~ /\b(?:$qemu_error_funcs)\s*\(/) {
+   WARN("Error messages should not contain newlines\n" . 
$herecurr);
+   }
+   }
+
 # check for non-portable ffs() calls that have portable alternatives in QEMU
if ($line =~ /\bffs\(/) {
ERROR("use ctz32() instead of ffs()\n" . $herecurr);
-- 
2.4.3

[Qemu-devel] [PULL 30/41] migration: Use error_reportf_err() instead of monitor_printf()

[Markus Armbruster]

Both error_reportf_err() and monitor_printf() print to the same
destination when monitor_printf() is used correctly, i.e. within an
HMP monitor.  Elsewhere, monitor_printf() does nothing, while
error_reportf_err() reports to stderr.

Both changed functions are HMP command handlers.  These should only
run within an HMP monitor.

Unlike monitor_printf(), error_reportf_err() uses the error whole
instead of just its message obtained with error_get_pretty().  This
avoids suppressing its hint (see commit 50b7b00), but I don't think
the errors touched in this commit can come with hints.

Signed-off-by: Markus Armbruster 
Reviewed-by: Eric Blake 
Message-Id: <1450452927-8346-15-git-send-email-arm...@redhat.com>
---
 migration/savevm.c | 14 ++
 1 file changed, 6 insertions(+), 8 deletions(-)

diff --git a/migration/savevm.c b/migration/savevm.c
index e277b72..bcaeb70 100644
--- a/migration/savevm.c
+++ b/migration/savevm.c
@@ -1927,10 +1927,9 @@ void hmp_savevm(Monitor *mon, const QDict *qdict)
 
 /* Delete old snapshots of the same name */
 if (name && bdrv_all_delete_snapshot(name, , _err) < 0) {
-monitor_printf(mon,
-   "Error while deleting snapshot on device '%s': %s\n",
-   bdrv_get_device_name(bs1), error_get_pretty(local_err));
-error_free(local_err);
+error_reportf_err(local_err,
+  "Error while deleting snapshot on device '%s': ",
+  bdrv_get_device_name(bs1));
 return;
 }
 
@@ -2108,10 +2107,9 @@ void hmp_delvm(Monitor *mon, const QDict *qdict)
 const char *name = qdict_get_str(qdict, "name");
 
 if (bdrv_all_delete_snapshot(name, , ) < 0) {
-monitor_printf(mon,
-   "Error while deleting snapshot on device '%s': %s\n",
-   bdrv_get_device_name(bs), error_get_pretty(err));
-error_free(err);
+error_reportf_err(err,
+  "Error while deleting snapshot on device '%s': ",
+  bdrv_get_device_name(bs));
 }
 }
 
-- 
2.4.3

[Qemu-devel] [PULL 39/41] s390/sclp: Simplify control flow in sclp_realize()

[Markus Armbruster]

Suggested-by: David Hildenbrand 
Signed-off-by: Markus Armbruster 
Reviewed-by: David Hildenbrand 
Acked-by: Cornelia Huck 
Reviewed-by: Eric Blake 
Message-Id: <1450452927-8346-24-git-send-email-arm...@redhat.com>
---
 hw/s390x/sclp.c | 9 +++--
 1 file changed, 3 insertions(+), 6 deletions(-)

diff --git a/hw/s390x/sclp.c b/hw/s390x/sclp.c
index 9a117c9..74f2b40 100644
--- a/hw/s390x/sclp.c
+++ b/hw/s390x/sclp.c
@@ -463,21 +463,18 @@ static void sclp_realize(DeviceState *dev, Error **errp)
 object_property_set_bool(OBJECT(sclp->event_facility), true, "realized",
  );
 if (err) {
-goto error;
+goto out;
 }
 
 ret = s390_set_memory_limit(machine->maxram_size, _limit);
 if (ret == -E2BIG) {
 error_setg(, "qemu: host supports a maximum of %" PRIu64 " GB",
hw_limit >> 30);
-goto error;
 } else if (ret) {
 error_setg(, "qemu: setting the guest size failed");
-goto error;
 }
-return;
-error:
-assert(err);
+
+out:
 error_propagate(errp, err);
 }
 
-- 
2.4.3

[Qemu-devel] [PULL 38/41] hw/s390x: Rename local variables Error *l_err to just err

[Markus Armbruster]

Let's follow established naming practice here as well.

Cc: David Hildenbrand 
Signed-off-by: Markus Armbruster 
Acked-by: Cornelia Huck 
Reviewed-by: David Hildenbrand 
Reviewed-by: Eric Blake 
Message-Id: <1450452927-8346-23-git-send-email-arm...@redhat.com>
---
 hw/s390x/ipl.c  | 12 ++--
 hw/s390x/sclp.c | 14 +++---
 2 files changed, 13 insertions(+), 13 deletions(-)

diff --git a/hw/s390x/ipl.c b/hw/s390x/ipl.c
index e100428..9c01be5 100644
--- a/hw/s390x/ipl.c
+++ b/hw/s390x/ipl.c
@@ -76,7 +76,7 @@ static void s390_ipl_realize(DeviceState *dev, Error **errp)
 S390IPLState *ipl = S390_IPL(dev);
 uint64_t pentry = KERN_IMAGE_START;
 int kernel_size;
-Error *l_err = NULL;
+Error *err = NULL;
 
 int bios_size;
 char *bios_filename;
@@ -94,7 +94,7 @@ static void s390_ipl_realize(DeviceState *dev, Error **errp)
 
 bios_filename = qemu_find_file(QEMU_FILE_TYPE_BIOS, bios_name);
 if (bios_filename == NULL) {
-error_setg(_err, "could not find stage1 bootloader");
+error_setg(, "could not find stage1 bootloader");
 goto error;
 }
 
@@ -113,7 +113,7 @@ static void s390_ipl_realize(DeviceState *dev, Error **errp)
 g_free(bios_filename);
 
 if (bios_size == -1) {
-error_setg(_err, "could not load bootloader '%s'", bios_name);
+error_setg(, "could not load bootloader '%s'", bios_name);
 goto error;
 }
 
@@ -128,7 +128,7 @@ static void s390_ipl_realize(DeviceState *dev, Error **errp)
 kernel_size = load_image_targphys(ipl->kernel, 0, ram_size);
 }
 if (kernel_size < 0) {
-error_setg(_err, "could not load kernel '%s'", ipl->kernel);
+error_setg(, "could not load kernel '%s'", ipl->kernel);
 goto error;
 }
 /*
@@ -156,7 +156,7 @@ static void s390_ipl_realize(DeviceState *dev, Error **errp)
 initrd_size = load_image_targphys(ipl->initrd, initrd_offset,
   ram_size - initrd_offset);
 if (initrd_size == -1) {
-error_setg(_err, "could not load initrd '%s'", ipl->initrd);
+error_setg(, "could not load initrd '%s'", ipl->initrd);
 goto error;
 }
 
@@ -170,7 +170,7 @@ static void s390_ipl_realize(DeviceState *dev, Error **errp)
 }
 qemu_register_reset(qdev_reset_all_fn, dev);
 error:
-error_propagate(errp, l_err);
+error_propagate(errp, err);
 }
 
 static Property s390_ipl_properties[] = {
diff --git a/hw/s390x/sclp.c b/hw/s390x/sclp.c
index a061b49..9a117c9 100644
--- a/hw/s390x/sclp.c
+++ b/hw/s390x/sclp.c
@@ -456,29 +456,29 @@ static void sclp_realize(DeviceState *dev, Error **errp)
 {
 MachineState *machine = MACHINE(qdev_get_machine());
 SCLPDevice *sclp = SCLP(dev);
-Error *l_err = NULL;
+Error *err = NULL;
 uint64_t hw_limit;
 int ret;
 
 object_property_set_bool(OBJECT(sclp->event_facility), true, "realized",
- _err);
-if (l_err) {
+ );
+if (err) {
 goto error;
 }
 
 ret = s390_set_memory_limit(machine->maxram_size, _limit);
 if (ret == -E2BIG) {
-error_setg(_err, "qemu: host supports a maximum of %" PRIu64 " GB",
+error_setg(, "qemu: host supports a maximum of %" PRIu64 " GB",
hw_limit >> 30);
 goto error;
 } else if (ret) {
-error_setg(_err, "qemu: setting the guest size failed");
+error_setg(, "qemu: setting the guest size failed");
 goto error;
 }
 return;
 error:
-assert(l_err);
-error_propagate(errp, l_err);
+assert(err);
+error_propagate(errp, err);
 }
 
 static void sclp_memory_init(SCLPDevice *sclp)
-- 
2.4.3

[Qemu-devel] [PULL 36/41] vhdx: Fix "log that needs to be replayed" error message

[Markus Armbruster]

The arguments of error_setg_errno() should yield a short error string
without newlines.

Here, we try to append additional help to the error message by
embedding newlines in the error string.  That's nice, but it's doesn't
play nicely with the errno part.  tests/qemu-iotests/070.out shows the
resulting mess:

can't open device TEST_DIR/iotest-dirtylog-10G-4M.vhdx: VHDX image file 
'TEST_DIR/iotest-dirtylog-10G-4M.vhdx' opened read-only, but contains a log 
that needs to be replayed.  To replay the log, execute:
 qemu-img check -r all 'TEST_DIR/iotest-dirtylog-10G-4M.vhdx': Operation 
not permitted

Switch to error_setg() and error_append_hint().  Result:

can't open device TEST_DIR/iotest-dirtylog-10G-4M.vhdx: VHDX image file 
'TEST_DIR/iotest-dirtylog-10G-4M.vhdx' opened read-only, but contains a log 
that needs to be replayed
To replay the log, run:
qemu-img check -r all 'TEST_DIR/iotest-dirtylog-10G-4M.vhdx'

Signed-off-by: Markus Armbruster 
Reviewed-by: Eric Blake 
Message-Id: <1450452927-8346-21-git-send-email-arm...@redhat.com>
---
 block/vhdx-log.c   | 13 +++--
 tests/qemu-iotests/070.out |  5 +++--
 2 files changed, 10 insertions(+), 8 deletions(-)

diff --git a/block/vhdx-log.c b/block/vhdx-log.c
index 47ae4b1..ab86416 100644
--- a/block/vhdx-log.c
+++ b/block/vhdx-log.c
@@ -784,12 +784,13 @@ int vhdx_parse_log(BlockDriverState *bs, BDRVVHDXState 
*s, bool *flushed,
 if (logs.valid) {
 if (bs->read_only) {
 ret = -EPERM;
-error_setg_errno(errp, EPERM,
- "VHDX image file '%s' opened read-only, but "
- "contains a log that needs to be replayed.  To "
- "replay the log, execute:\n qemu-img check -r "
- "all '%s'",
- bs->filename, bs->filename);
+error_setg(errp,
+   "VHDX image file '%s' opened read-only, but "
+   "contains a log that needs to be replayed",
+   bs->filename);
+error_append_hint(errp,  "To replay the log, run:\n"
+  "qemu-img check -r all '%s'\n",
+  bs->filename);
 goto exit;
 }
 /* now flush the log */
diff --git a/tests/qemu-iotests/070.out b/tests/qemu-iotests/070.out
index ffd4251..131a5b1 100644
--- a/tests/qemu-iotests/070.out
+++ b/tests/qemu-iotests/070.out
@@ -1,8 +1,9 @@
 QA output created by 070
 
 === Verify open image read-only fails, due to dirty log ===
-can't open device TEST_DIR/iotest-dirtylog-10G-4M.vhdx: VHDX image file 
'TEST_DIR/iotest-dirtylog-10G-4M.vhdx' opened read-only, but contains a log 
that needs to be replayed.  To replay the log, execute:
- qemu-img check -r all 'TEST_DIR/iotest-dirtylog-10G-4M.vhdx': Operation not 
permitted
+can't open device TEST_DIR/iotest-dirtylog-10G-4M.vhdx: VHDX image file 
'TEST_DIR/iotest-dirtylog-10G-4M.vhdx' opened read-only, but contains a log 
that needs to be replayed
+To replay the log, run:
+qemu-img check -r all 'TEST_DIR/iotest-dirtylog-10G-4M.vhdx'
  no file open, try 'help open'
 === Verify open image replays log  ===
 read 18874368/18874368 bytes at offset 0
-- 
2.4.3

[Qemu-devel] [PULL 06/41] arm_mptimer: Don't use hw_error() in realize() method

[Markus Armbruster]

Device realize() methods aren't supposed to call hw_error(), they
should set an error and fail cleanly.  Do that.

Cc: Peter Maydell 
Cc: qemu-...@nongnu.org
Signed-off-by: Markus Armbruster 
Reviewed-by: Peter Maydell 
Message-Id: <1450370121-5768-4-git-send-email-arm...@redhat.com>
---
 hw/timer/arm_mptimer.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/hw/timer/arm_mptimer.c b/hw/timer/arm_mptimer.c
index 3e59c2a..5dfab66 100644
--- a/hw/timer/arm_mptimer.c
+++ b/hw/timer/arm_mptimer.c
@@ -220,8 +220,9 @@ static void arm_mptimer_realize(DeviceState *dev, Error 
**errp)
 int i;
 
 if (s->num_cpu < 1 || s->num_cpu > ARM_MPTIMER_MAX_CPUS) {
-hw_error("%s: num-cpu must be between 1 and %d\n",
- __func__, ARM_MPTIMER_MAX_CPUS);
+error_setg(errp, "num-cpu must be between 1 and %d",
+   ARM_MPTIMER_MAX_CPUS);
+return;
 }
 /* We implement one timer block per CPU, and expose multiple MMIO regions:
  *  * region 0 is "timer for this core"
-- 
2.4.3

[Qemu-devel] [PATCH RESEND] softfloat: fix return type of roundAndPackFloat16

[Aurelien Jarno]

The roundAndPackFloat16 function should return a float16 value, not a
float32 one. Fix that.

Cc: Peter Maydell 
Signed-off-by: Aurelien Jarno 
---
 fpu/softfloat.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Peter, given you are working on softfloat patches, you might want to get
this one merged at the same time.

diff --git a/fpu/softfloat.c b/fpu/softfloat.c
index f1170fe..acc9099 100644
--- a/fpu/softfloat.c
+++ b/fpu/softfloat.c
@@ -3368,7 +3368,7 @@ static float16 packFloat16(flag zSign, int_fast16_t zExp, 
uint16_t zSig)
 | Binary Floating-Point Arithmetic.
 **/
 
-static float32 roundAndPackFloat16(flag zSign, int_fast16_t zExp,
+static float16 roundAndPackFloat16(flag zSign, int_fast16_t zExp,
uint32_t zSig, flag ieee,
float_status *status)
 {
-- 
2.1.4

Re: [Qemu-devel] [PATCH v5 0/6] i386: expose floppy-related objects in SSDT

[Roman Kagan]

On Wed, Jan 13, 2016 at 06:49:44PM +0300, Roman Kagan wrote:
> On Wed, Jan 13, 2016 at 03:36:18PM +0100, Laszlo Ersek wrote:
> > On 12/30/15 21:11, Roman Kagan wrote:
> > > Windows on UEFI systems is only capable of detecting the presence and
> > > the type of floppy drives via corresponding ACPI objects.
> > 
> > I'm late to the party, but please allow me a question:
> > 
> > how did you figure out that UEFI Windows requires this?
> > 
> > In general, what the ACPI specification says is at best a "guideline"
> > for Windows. So how did you prove this was a requirement for Windows?
> 
> Well, my statement above that Windows on UEFI can detect floppies *only*
> via ACPI is probably a bit stronger than I can actually prove but
> 
> - Windows on OVMF didn't see floppies before the patch, while Linux did
>   (by querying CMOS)
> 
> - a number of sources on the internet hinted that Windows needed ACPI
>   assistance for that, e.g.:
> 
>   https://www.reactos.org/wiki/UEFI#Floppy
>   
> https://social.technet.microsoft.com/Forums/windows/en-US/f17db175-d146-4518-b2e9-c12a15031222/legacy-floppy-compatibility-with-uefi-boot?forum=w7itprohardware
>   
> https://social.technet.microsoft.com/Forums/windows/en-US/e91ec27b-0c2d-44a3-b949-e77fa810a4c0/windows-7-uefi-fdd-how-to?forum=w7itprohardware
> 
> - the links mentioned the need in _FDE object but indicated it only
>   allowed for successful enumeration of floppies, not the actual access;
>   I proved that experimentally
> 
> - the ACPI spec stated that _FDE went in concert with _FDI so I tried it
>   and it worked out
> 
> Voila.  Besides, I later discovered that a similar research had been
> carried out for Parallels proprietary hypervisor, with a similar
> outcome.

Ah, I wish I saw your comment
https://bugzilla.redhat.com/show_bug.cgi?id=1212317#c5
I'd probably proceed directly to trying _FDI :)

Roman.

Re: [Qemu-devel] [PATCH v2] ARM: Virt: Don't generate RTC ACPI device when using UEFI

[Andrew Jones]

On Wed, Jan 13, 2016 at 10:54:17PM +0800, Shannon Zhao wrote:
> When booting the VM with UEFI, UEFI takes ownership of the RTC hardware.
> While UEFI can use libfdt to disable the RTC device node in the DTB that
> it passes to the OS, it cannot modify AML. Therefore, we won't generate
> the RTC ACPI device at all when using UEFI.

I think a condensed comment similar to this commit message would be nice
in build_dsdt, or somewhere. We have a policy for mach-virt of generating
ACPI for everything we generate DT. It'd be good if we documented all the
divergences in order to avoid confusion. I won't insist though.

Thanks,
drew

Re: [Qemu-devel] [PATCH v2] ARM: Virt: Don't generate RTC ACPI device when using UEFI

[Laszlo Ersek]

On 01/13/16 17:16, Andrew Jones wrote:
> On Wed, Jan 13, 2016 at 10:54:17PM +0800, Shannon Zhao wrote:
>> When booting the VM with UEFI, UEFI takes ownership of the RTC hardware.
>> While UEFI can use libfdt to disable the RTC device node in the DTB that
>> it passes to the OS, it cannot modify AML. Therefore, we won't generate
>> the RTC ACPI device at all when using UEFI.
> 
> I think a condensed comment similar to this commit message would be nice
> in build_dsdt, or somewhere. We have a policy for mach-virt of generating
> ACPI for everything we generate DT. It'd be good if we documented all the
> divergences in order to avoid confusion. [...]

Good idea!

Thanks
Laszlo

[Qemu-devel] [PATCH RESEND] fix MSI injection on Xen

[Stefano Stabellini]

On Xen MSIs can be remapped into pirqs, which are a type of event
channels. It's mostly for the benefit of PCI passthrough devices, to
avoid the overhead of interacting with the emulated lapic.

However remapping interrupts and MSIs is also supported for emulated
devices, such as the e1000 and virtio-net.

When an interrupt or an MSI is remapped into a pirq, masking and
unmasking is done by masking and unmasking the event channel. The
masking bit on the PCI config space or MSI-X table should be ignored,
but it isn't at the moment.

As a consequence emulated devices which use MSI or MSI-X, such as
virtio-net, don't work properly (the guest doesn't receive any
notifications). The mechanism was working properly when xen_apic was
introduced, but I haven't narrowed down which commit in particular is
causing the regression.

Fix the issue by ignoring the masking bit for MSI and MSI-X which have
been remapped into pirqs.

Signed-off-by: Stefano Stabellini 


diff --git a/hw/pci/msi.c b/hw/pci/msi.c
index f9c0484..3998725 100644
--- a/hw/pci/msi.c
+++ b/hw/pci/msi.c
@@ -19,6 +19,7 @@
  */
 
 #include "hw/pci/msi.h"
+#include "hw/xen/xen.h"
 #include "qemu/range.h"
 
 /* PCI_MSI_ADDRESS_LO */
@@ -253,13 +254,19 @@ void msi_reset(PCIDevice *dev)
 static bool msi_is_masked(const PCIDevice *dev, unsigned int vector)
 {
 uint16_t flags = pci_get_word(dev->config + msi_flags_off(dev));
-uint32_t mask;
+uint32_t mask, data;
+bool msi64bit = flags & PCI_MSI_FLAGS_64BIT;
 assert(vector < PCI_MSI_VECTORS_MAX);
 
 if (!(flags & PCI_MSI_FLAGS_MASKBIT)) {
 return false;
 }
 
+data = pci_get_word(dev->config + msi_data_off(dev, msi64bit));
+if (xen_is_pirq_msi(data)) {
+return false;
+}
+
 mask = pci_get_long(dev->config +
 msi_mask_off(dev, flags & PCI_MSI_FLAGS_64BIT));
 return mask & (1U << vector);
diff --git a/hw/pci/msix.c b/hw/pci/msix.c
index 7716bf3..96281c2 100644
--- a/hw/pci/msix.c
+++ b/hw/pci/msix.c
@@ -18,6 +18,7 @@
 #include "hw/pci/msi.h"
 #include "hw/pci/msix.h"
 #include "hw/pci/pci.h"
+#include "hw/xen/xen.h"
 #include "qemu/range.h"
 
 #define MSIX_CAP_LENGTH 12
@@ -77,8 +78,15 @@ static void msix_clr_pending(PCIDevice *dev, int vector)
 
 static bool msix_vector_masked(PCIDevice *dev, unsigned int vector, bool fmask)
 {
-unsigned offset = vector * PCI_MSIX_ENTRY_SIZE + 
PCI_MSIX_ENTRY_VECTOR_CTRL;
-return fmask || dev->msix_table[offset] & PCI_MSIX_ENTRY_CTRL_MASKBIT;
+unsigned offset = vector * PCI_MSIX_ENTRY_SIZE;
+uint32_t *data = (uint32_t *)>msix_table[offset + 
PCI_MSIX_ENTRY_DATA];
+/* MSIs on Xen can be remapped into pirqs. In those cases, masking
+ * and unmasking go through the PV evtchn path. */
+if (xen_is_pirq_msi(*data)) {
+return false;
+}
+return fmask || dev->msix_table[offset + PCI_MSIX_ENTRY_VECTOR_CTRL] &
+PCI_MSIX_ENTRY_CTRL_MASKBIT;
 }
 
 bool msix_is_masked(PCIDevice *dev, unsigned int vector)
diff --git a/hw/xen/xen_pt_msi.c b/hw/xen/xen_pt_msi.c
index 82de2bc..375707e 100644
--- a/hw/xen/xen_pt_msi.c
+++ b/hw/xen/xen_pt_msi.c
@@ -113,9 +113,7 @@ static int msi_msix_setup(XenPCIPassthroughState *s,
 
 assert((!is_msix && msix_entry == 0) || is_msix);
 
-if (gvec == 0) {
-/* if gvec is 0, the guest is asking for a particular pirq that
- * is passed as dest_id */
+if (xen_is_pirq_msi(data)) {
 *ppirq = msi_ext_dest_id(addr >> 32) | msi_dest_id(addr);
 if (!*ppirq) {
 /* this probably identifies an misconfiguration of the guest,
diff --git a/include/hw/xen/xen.h b/include/hw/xen/xen.h
index 4356af4..b15b2f5 100644
--- a/include/hw/xen/xen.h
+++ b/include/hw/xen/xen.h
@@ -32,6 +32,7 @@ int xen_pci_slot_get_pirq(PCIDevice *pci_dev, int irq_num);
 void xen_piix3_set_irq(void *opaque, int irq_num, int level);
 void xen_piix_pci_write_config_client(uint32_t address, uint32_t val, int len);
 void xen_hvm_inject_msi(uint64_t addr, uint32_t data);
+int xen_is_pirq_msi(uint32_t msi_data);
 
 qemu_irq *xen_interrupt_controller_init(void);
 
diff --git a/xen-hvm-stub.c b/xen-hvm-stub.c
index 46867d8..ce22a82 100644
--- a/xen-hvm-stub.c
+++ b/xen-hvm-stub.c
@@ -30,6 +30,11 @@ void xen_hvm_inject_msi(uint64_t addr, uint32_t data)
 {
 }
 
+int xen_is_pirq_msi(uint32_t msi_data)
+{
+return 0;
+}
+
 void xen_ram_alloc(ram_addr_t ram_addr, ram_addr_t size, MemoryRegion *mr)
 {
 }
diff --git a/xen-hvm.c b/xen-hvm.c
index 3371c4e..21dd301 100644
--- a/xen-hvm.c
+++ b/xen-hvm.c
@@ -12,6 +12,7 @@
 
 #include "hw/pci/pci.h"
 #include "hw/i386/pc.h"
+#include "hw/i386/apic-msidef.h"
 #include "hw/xen/xen_common.h"
 #include "hw/xen/xen_backend.h"
 #include "qmp-commands.h"
@@ -156,6 +157,14 @@ void xen_piix_pci_write_config_client(uint32_t address, 
uint32_t val, int len)
 }
 }
 
+int xen_is_pirq_msi(uint32_t msi_data)
+{
+/* If vector is 0, the msi is remapped into a 

Re: [Qemu-devel] [PATCH v2] ARM: Virt: Don't generate RTC ACPI device when using UEFI

[Ard Biesheuvel]

On 13 January 2016 at 15:54, Shannon Zhao  wrote:
> When booting the VM with UEFI, UEFI takes ownership of the RTC hardware.
> While UEFI can use libfdt to disable the RTC device node in the DTB that
> it passes to the OS, it cannot modify AML. Therefore, we won't generate
> the RTC ACPI device at all when using UEFI.
>
> Signed-off-by: Shannon Zhao 
> ---

Acked-by: Ard Biesheuvel 

> v2: just totally don't generate the RTC ACPI device when using UEFI
> ---
>  hw/arm/virt-acpi-build.c | 19 ---
>  1 file changed, 19 deletions(-)
>
> diff --git a/hw/arm/virt-acpi-build.c b/hw/arm/virt-acpi-build.c
> index 0caf5ce..ac568a3 100644
> --- a/hw/arm/virt-acpi-build.c
> +++ b/hw/arm/virt-acpi-build.c
> @@ -94,23 +94,6 @@ static void acpi_dsdt_add_uart(Aml *scope, const 
> MemMapEntry *uart_memmap,
>  aml_append(scope, dev);
>  }
>
> -static void acpi_dsdt_add_rtc(Aml *scope, const MemMapEntry *rtc_memmap,
> -  uint32_t rtc_irq)
> -{
> -Aml *dev = aml_device("RTC0");
> -aml_append(dev, aml_name_decl("_HID", aml_string("LNRO0013")));
> -aml_append(dev, aml_name_decl("_UID", aml_int(0)));
> -
> -Aml *crs = aml_resource_template();
> -aml_append(crs, aml_memory32_fixed(rtc_memmap->base,
> -   rtc_memmap->size, AML_READ_WRITE));
> -aml_append(crs,
> -   aml_interrupt(AML_CONSUMER, AML_LEVEL, AML_ACTIVE_HIGH,
> - AML_EXCLUSIVE, _irq, 1));
> -aml_append(dev, aml_name_decl("_CRS", crs));
> -aml_append(scope, dev);
> -}
> -
>  static void acpi_dsdt_add_flash(Aml *scope, const MemMapEntry *flash_memmap)
>  {
>  Aml *dev, *crs;
> @@ -575,8 +558,6 @@ build_dsdt(GArray *table_data, GArray *linker, 
> VirtGuestInfo *guest_info)
>  acpi_dsdt_add_cpus(scope, guest_info->smp_cpus);
>  acpi_dsdt_add_uart(scope, [VIRT_UART],
> (irqmap[VIRT_UART] + ARM_SPI_BASE));
> -acpi_dsdt_add_rtc(scope, [VIRT_RTC],
> -  (irqmap[VIRT_RTC] + ARM_SPI_BASE));
>  acpi_dsdt_add_flash(scope, [VIRT_FLASH]);
>  acpi_dsdt_add_virtio(scope, [VIRT_MMIO],
>  (irqmap[VIRT_MMIO] + ARM_SPI_BASE), 
> NUM_VIRTIO_TRANSPORTS);
> --
> 2.1.0
>

[Qemu-devel] [PATCH v2] ARM: Virt: Don't generate RTC ACPI device when using UEFI

[Shannon Zhao]

When booting the VM with UEFI, UEFI takes ownership of the RTC hardware.
While UEFI can use libfdt to disable the RTC device node in the DTB that
it passes to the OS, it cannot modify AML. Therefore, we won't generate
the RTC ACPI device at all when using UEFI.

Signed-off-by: Shannon Zhao 
---
v2: just totally don't generate the RTC ACPI device when using UEFI
---
 hw/arm/virt-acpi-build.c | 19 ---
 1 file changed, 19 deletions(-)

diff --git a/hw/arm/virt-acpi-build.c b/hw/arm/virt-acpi-build.c
index 0caf5ce..ac568a3 100644
--- a/hw/arm/virt-acpi-build.c
+++ b/hw/arm/virt-acpi-build.c
@@ -94,23 +94,6 @@ static void acpi_dsdt_add_uart(Aml *scope, const MemMapEntry 
*uart_memmap,
 aml_append(scope, dev);
 }
 
-static void acpi_dsdt_add_rtc(Aml *scope, const MemMapEntry *rtc_memmap,
-  uint32_t rtc_irq)
-{
-Aml *dev = aml_device("RTC0");
-aml_append(dev, aml_name_decl("_HID", aml_string("LNRO0013")));
-aml_append(dev, aml_name_decl("_UID", aml_int(0)));
-
-Aml *crs = aml_resource_template();
-aml_append(crs, aml_memory32_fixed(rtc_memmap->base,
-   rtc_memmap->size, AML_READ_WRITE));
-aml_append(crs,
-   aml_interrupt(AML_CONSUMER, AML_LEVEL, AML_ACTIVE_HIGH,
- AML_EXCLUSIVE, _irq, 1));
-aml_append(dev, aml_name_decl("_CRS", crs));
-aml_append(scope, dev);
-}
-
 static void acpi_dsdt_add_flash(Aml *scope, const MemMapEntry *flash_memmap)
 {
 Aml *dev, *crs;
@@ -575,8 +558,6 @@ build_dsdt(GArray *table_data, GArray *linker, 
VirtGuestInfo *guest_info)
 acpi_dsdt_add_cpus(scope, guest_info->smp_cpus);
 acpi_dsdt_add_uart(scope, [VIRT_UART],
(irqmap[VIRT_UART] + ARM_SPI_BASE));
-acpi_dsdt_add_rtc(scope, [VIRT_RTC],
-  (irqmap[VIRT_RTC] + ARM_SPI_BASE));
 acpi_dsdt_add_flash(scope, [VIRT_FLASH]);
 acpi_dsdt_add_virtio(scope, [VIRT_MMIO],
 (irqmap[VIRT_MMIO] + ARM_SPI_BASE), NUM_VIRTIO_TRANSPORTS);
-- 
2.1.0

[Qemu-devel] [PATCH v2] arm64: kernel: fix architected PMU registers unconditional access

[Lorenzo Pieralisi]

The Performance Monitors extension is an optional feature of the
AArch64 architecture, therefore, in order to access Performance
Monitors registers safely, the kernel should detect the architected
PMU unit presence through the ID_AA64DFR0_EL1 register PMUVer field
before accessing them.

This patch implements a guard by reading the ID_AA64DFR0_EL1 register
PMUVer field to detect the architected PMU presence and prevent accessing
PMU system registers if the Performance Monitors extension is not
implemented in the core.

Fixes: 60792ad349f3 ("arm64: kernel: enforce pmuserenr_el0 initialization and 
restore")
Signed-off-by: Lorenzo Pieralisi 
Reported-by: Guenter Roeck 
Tested-by: Guenter Roeck 
Cc: Will Deacon 
Cc: Peter Maydell 
Cc: Mark Rutland 
---
v1 -> v2

- Updated the PMUVer field conditional check to take into account
  future PMU versions

v1: 
http://lists.infradead.org/pipermail/linux-arm-kernel/2016-January/398090.html

Will,

rebased on top of mainline, we should be tagging stable before merging.

It applies to current mainline (commit 67990608c8b9).

Tested on Juno and QEMU.

Thanks,
Lorenzo

 arch/arm64/kernel/head.S|  5 +
 arch/arm64/mm/proc-macros.S | 12 
 arch/arm64/mm/proc.S|  4 ++--
 3 files changed, 19 insertions(+), 2 deletions(-)

diff --git a/arch/arm64/kernel/head.S b/arch/arm64/kernel/head.S
index ffe9c2b..917d981 100644
--- a/arch/arm64/kernel/head.S
+++ b/arch/arm64/kernel/head.S
@@ -514,9 +514,14 @@ CPU_LE(movkx0, #0x30d0, lsl #16)   // 
Clear EE and E0E on LE systems
 #endif
 
/* EL2 debug */
+   mrs x0, id_aa64dfr0_el1 // Check ID_AA64DFR0_EL1 PMUVer
+   sbfxx0, x0, #8, #4
+   cmp x0, #1
+   b.lt4f  // Skip if no PMU present
mrs x0, pmcr_el0// Disable debug access traps
ubfxx0, x0, #11, #5 // to EL2 and allow access to
msr mdcr_el2, x0// all PMU counters from EL1
+4:
 
/* Stage-2 translation */
msr vttbr_el2, xzr
diff --git a/arch/arm64/mm/proc-macros.S b/arch/arm64/mm/proc-macros.S
index 146bd99..e6a30e1 100644
--- a/arch/arm64/mm/proc-macros.S
+++ b/arch/arm64/mm/proc-macros.S
@@ -84,3 +84,15 @@
b.lo9998b
dsb \domain
.endm
+
+/*
+ * reset_pmuserenr_el0 - reset PMUSERENR_EL0 if PMUv3 present
+ */
+   .macro  reset_pmuserenr_el0, tmpreg
+   mrs \tmpreg, id_aa64dfr0_el1// Check ID_AA64DFR0_EL1 PMUVer
+   sbfx\tmpreg, \tmpreg, #8, #4
+   cmp \tmpreg, #1 // Skip if no PMU present
+   b.lt9000f
+   msr pmuserenr_el0, xzr  // Disable PMU access from EL0
+9000:
+   .endm
diff --git a/arch/arm64/mm/proc.S b/arch/arm64/mm/proc.S
index a3d867e..c164d2c 100644
--- a/arch/arm64/mm/proc.S
+++ b/arch/arm64/mm/proc.S
@@ -117,7 +117,7 @@ ENTRY(cpu_do_resume)
 */
ubfxx11, x11, #1, #1
msr oslar_el1, x11
-   msr pmuserenr_el0, xzr  // Disable PMU access from EL0
+   reset_pmuserenr_el0 x0  // Disable PMU access from EL0
mov x0, x12
dsb nsh // Make sure local tlb invalidation completed
isb
@@ -154,7 +154,7 @@ ENTRY(__cpu_setup)
msr cpacr_el1, x0   // Enable FP/ASIMD
mov x0, #1 << 12// Reset mdscr_el1 and disable
msr mdscr_el1, x0   // access to the DCC from EL0
-   msr pmuserenr_el0, xzr  // Disable PMU access from EL0
+   reset_pmuserenr_el0 x0  // Disable PMU access from EL0
/*
 * Memory region attributes for LPAE:
 *
-- 
2.5.1

[Qemu-devel] [PULL 8/9] virtio-ccw: fix sanity check for vector

[Cornelia Huck]

From: Halil Pasic 

The commit 8dfbaa6ac ("virtio-ccw: introduce ccw specific queue limit")
did not touch the sanity check for the vector argument of the method
virtio_ccw_notify, despite intended as seen from
https://lists.nongnu.org/archive/html/qemu-devel/2015-04/msg02705.html
To be able to scale number of virtqueues using the constant this sanity
check needs to be altered.

Fixes: 8dfbaa6ac ("virtio-ccw: introduce ccw specific queue limit")
Reviewed-by: Cornelia Huck 
Signed-off-by: Halil Pasic 
Signed-off-by: Cornelia Huck 
---
 hw/s390x/virtio-ccw.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/hw/s390x/virtio-ccw.c b/hw/s390x/virtio-ccw.c
index 63da303..95a6c14 100644
--- a/hw/s390x/virtio-ccw.c
+++ b/hw/s390x/virtio-ccw.c
@@ -1177,7 +1177,8 @@ static void virtio_ccw_notify(DeviceState *d, uint16_t 
vector)
 SubchDev *sch = dev->sch;
 uint64_t indicators;
 
-if (vector >= 128) {
+/* queue indicators + secondary indicators */
+if (vector >= VIRTIO_CCW_QUEUE_MAX + 64) {
 return;
 }
 
-- 
2.7.0

[Qemu-devel] [PULL 2/9] s390x: remove s390-virtio machine

[Cornelia Huck]

From: Pierre Morel 

Remove machine code for the s390-virtio machine, but keep functions
useful for the ccw machine.

Signed-off-by: Pierre Morel 
Acked-by: Cornelia Huck 
Acked-by: Christian Borntraeger 
Signed-off-by: Cornelia Huck 
---
 hw/s390x/s390-virtio.c | 162 -
 1 file changed, 162 deletions(-)

diff --git a/hw/s390x/s390-virtio.c b/hw/s390x/s390-virtio.c
index ae55760..e4ecf0d 100644
--- a/hw/s390x/s390-virtio.c
+++ b/hw/s390x/s390-virtio.c
@@ -61,7 +61,6 @@
 #define S390_TOD_CLOCK_VALUE_MISSING0x00
 #define S390_TOD_CLOCK_VALUE_PRESENT0x01
 
-static VirtIOS390Bus *s390_bus;
 static S390CPU **ipi_states;
 
 S390CPU *s390_cpu_addr2state(uint16_t cpu_addr)
@@ -73,78 +72,6 @@ S390CPU *s390_cpu_addr2state(uint16_t cpu_addr)
 return ipi_states[cpu_addr];
 }
 
-static int s390_virtio_hcall_notify(const uint64_t *args)
-{
-uint64_t mem = args[0];
-int r = 0, i;
-
-if (mem > ram_size) {
-VirtIOS390Device *dev = s390_virtio_bus_find_vring(s390_bus, mem, );
-if (dev) {
-/*
- * Older kernels will use the virtqueue before setting DRIVER_OK.
- * In this case the feature bits are not yet up to date, meaning
- * that several funny things can happen, e.g. the guest thinks
- * EVENT_IDX is on and QEMU thinks it is off. Let's force a feature
- * and status sync.
- */
-if (!(dev->vdev->status & VIRTIO_CONFIG_S_DRIVER_OK)) {
-s390_virtio_device_update_status(dev);
-}
-virtio_queue_notify(dev->vdev, i);
-} else {
-r = -EINVAL;
-}
-} else {
-/* Early printk */
-}
-return r;
-}
-
-static int s390_virtio_hcall_reset(const uint64_t *args)
-{
-uint64_t mem = args[0];
-VirtIOS390Device *dev;
-
-dev = s390_virtio_bus_find_mem(s390_bus, mem);
-if (dev == NULL) {
-return -EINVAL;
-}
-virtio_reset(dev->vdev);
-address_space_stb(_space_memory,
-  dev->dev_offs + VIRTIO_DEV_OFFS_STATUS, 0,
-  MEMTXATTRS_UNSPECIFIED, NULL);
-s390_virtio_device_sync(dev);
-s390_virtio_reset_idx(dev);
-
-return 0;
-}
-
-static int s390_virtio_hcall_set_status(const uint64_t *args)
-{
-uint64_t mem = args[0];
-int r = 0;
-VirtIOS390Device *dev;
-
-dev = s390_virtio_bus_find_mem(s390_bus, mem);
-if (dev) {
-s390_virtio_device_update_status(dev);
-} else {
-r = -EINVAL;
-}
-return r;
-}
-
-static void s390_virtio_register_hcalls(void)
-{
-s390_register_virtio_hypercall(KVM_S390_VIRTIO_NOTIFY,
-   s390_virtio_hcall_notify);
-s390_register_virtio_hypercall(KVM_S390_VIRTIO_RESET,
-   s390_virtio_hcall_reset);
-s390_register_virtio_hypercall(KVM_S390_VIRTIO_SET_STATUS,
-   s390_virtio_hcall_set_status);
-}
-
 void s390_init_ipl_dev(const char *kernel_filename,
const char *kernel_cmdline,
const char *initrd_filename,
@@ -261,58 +188,6 @@ int gtod_load(QEMUFile *f, void *opaque, int version_id)
 return 0;
 }
 
-/* PC hardware initialisation */
-static void s390_init(MachineState *machine)
-{
-ram_addr_t my_ram_size;
-void *virtio_region;
-hwaddr virtio_region_len;
-hwaddr virtio_region_start;
-
-if (!qtest_enabled()) {
-error_printf("WARNING\n"
- "The s390-virtio machine (non-ccw) is deprecated.\n"
- "It will be removed in 2.6. Please use 
s390-ccw-virtio\n");
-}
-
-if (machine->ram_slots) {
-error_report("Memory hotplug not supported by the selected machine.");
-exit(EXIT_FAILURE);
-}
-s390_sclp_init();
-my_ram_size = machine->ram_size;
-
-/* get a BUS */
-s390_bus = s390_virtio_bus_init(_ram_size);
-s390_init_ipl_dev(machine->kernel_filename, machine->kernel_cmdline,
-  machine->initrd_filename, ZIPL_FILENAME, false);
-s390_flic_init();
-
-/* register hypercalls */
-s390_virtio_register_hcalls();
-
-/* allocate RAM */
-s390_memory_init(my_ram_size);
-
-/* clear virtio region */
-virtio_region_len = my_ram_size - ram_size;
-virtio_region_start = ram_size;
-virtio_region = cpu_physical_memory_map(virtio_region_start,
-_region_len, true);
-memset(virtio_region, 0, virtio_region_len);
-cpu_physical_memory_unmap(virtio_region, virtio_region_len, 1,
-  virtio_region_len);
-
-/* init CPUs */
-s390_init_cpus(machine->cpu_model);
-
-/* Create VirtIO network adapters */
-s390_create_virtio_net((BusState *)s390_bus, 

[Qemu-devel] [PULL 6/9] s390x/virtio: use qemu_check_nic_model()

[Cornelia Huck]

Switching to the generally used interface changes the output of

s390x-softmmu/qemu-system-s390x -net nic,model=?

from

S390 only supports VirtIO nics

to the rather more useful

qemu: Supported NIC models: virtio

while still giving us a sensible error message for unsupported
models:

s390x-softmmu/qemu-system-s390x -net nic,model=foo
qemu-system-s390x: Unsupported NIC model: foo

Acked-by: David Hildenbrand 
Acked-by: Christian Borntraeger 
Signed-off-by: Cornelia Huck 
---
 hw/s390x/s390-virtio.c | 5 +
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/hw/s390x/s390-virtio.c b/hw/s390x/s390-virtio.c
index 5dbb815..946325f 100644
--- a/hw/s390x/s390-virtio.c
+++ b/hw/s390x/s390-virtio.c
@@ -131,10 +131,7 @@ void s390_create_virtio_net(BusState *bus, const char 
*name)
 nd->model = g_strdup("virtio");
 }
 
-if (strcmp(nd->model, "virtio")) {
-fprintf(stderr, "S390 only supports VirtIO nics\n");
-exit(1);
-}
+qemu_check_nic_model(nd, "virtio");
 
 dev = qdev_create(bus, name);
 qdev_set_nic_properties(dev, nd);
-- 
2.7.0

Re: [Qemu-devel] [PATCH 06/10] qemu-img: Prepare for locked images

[Kevin Wolf]

Am 13.01.2016 um 09:44 hat Markus Armbruster geschrieben:
> Kevin Wolf  writes:
> 
> > Am 12.01.2016 um 16:20 hat Markus Armbruster geschrieben:
> >> Kevin Wolf  writes:
> >> 
> >> > Am 11.01.2016 um 16:49 hat Markus Armbruster geschrieben:
> >> >> Eric Blake  writes:
> >> >> 
> >> >> > On 12/22/2015 09:46 AM, Kevin Wolf wrote:
> >> >> >> This patch extends qemu-img for working with locked images. It 
> >> >> >> prints a
> >> >> >> helpful error message when trying to access a locked image 
> >> >> >> read-write,
> >> >> >> and adds a 'qemu-img force-unlock' command as well as a 'qemu-img 
> >> >> >> check
> >> >> >> -r all --force' option in order to override a lock left behind after 
> >> >> >> a
> >> >> >> qemu crash.
> >> >> >> 
> >> >> >> Signed-off-by: Kevin Wolf 
> >> >> >> ---
> >> >> >>  include/block/block.h |  1 +
> >> >> >>  include/qapi/error.h  |  1 +
> >> >> >>  qapi/common.json  |  3 +-
> >> >> >>  qemu-img-cmds.hx  | 10 --
> >> >> >>  qemu-img.c | 96
> >> >> >> +++
> >> >> >>  qemu-img.texi | 20 ++-
> >> >> >>  6 files changed, 113 insertions(+), 18 deletions(-)
> >> >> >> 
> >> >> >
> >> >> >> +++ b/include/qapi/error.h
> >> >> >> @@ -102,6 +102,7 @@ typedef enum ErrorClass {
> >> >> >>  ERROR_CLASS_DEVICE_NOT_ACTIVE = 
> >> >> >> QAPI_ERROR_CLASS_DEVICENOTACTIVE,
> >> >> >>  ERROR_CLASS_DEVICE_NOT_FOUND = QAPI_ERROR_CLASS_DEVICENOTFOUND,
> >> >> >>  ERROR_CLASS_KVM_MISSING_CAP = QAPI_ERROR_CLASS_KVMMISSINGCAP,
> >> >> >> +ERROR_CLASS_IMAGE_FILE_LOCKED = 
> >> >> >> QAPI_ERROR_CLASS_IMAGEFILELOCKED,
> >> >> >>  } ErrorClass;
> >> >> >
> >> >> > Wow - a new ErrorClass.  It's been a while since we could justify one 
> >> >> > of
> >> >> > these, but I think you might have found a case.
> >> >> 
> >> >> Spell out the rationale for the new ErrorClass, please.
> >> >
> >> > Action to be taken for this error class: Decide whether the lock is a
> >> > leftover from a previous qemu run that ended in an unclean shutdown. If
> >> > so, retry with overriding the lock.
> >> >
> >> > Currently used by qemu-img when ordered to override a lock. libvirt
> >> > will need to do the same.
> >> 
> >> Let's see whether I understand the intended use:
> >> 
> >> open image
> >> if open fails with ImageFileLocked:
> >> guess whether the lock is stale
> >> if guessing not stale:
> >> error out
> >> open image with lock override
> >> 
> >> Correct?
> >
> > Yes. Where "guess" is more or less "check whether the management tool
> > started qemu with this image, but didn't cleanly shut it down". This can
> > guess wrong if, and only if, some other user used a different algorithm
> > and forced an unlock even though the image didn't belong to them before
> > the crash.
> >
> >> Obvious troublespots:
> >> 
> >> 1. If you guess wrong, you destroy the image.  No worse than before, so
> >>okay, declare documentation problem.
> >> 
> >> 2. TOCTTOU open to open with lock override
> >>[...]
> >> 
> >> 3. TOCTTOU within open (hypothetical, haven't read your code)
> >>[...]
> >
> > Yes, these exist in theory. The question is what scenarios you want to
> > protect against and whether improving the mechanism to cover these cases
> > is worth the effort.
> >
> > The answer for what I wanted to protect is a manual action on an image
> > that is already in use. The user isn't quick enough to manually let two
> > processes open the same image at the same time, so I didn't consider
> > that scenario relevant.
> >
> > But assuming that everyone (including the human user) follows the above
> > protocol (force-unlock only what was yours before the crash), at least
> > cases 1 and 2 don't happen anyway.
> 
> "Force-unlock only what you locked yourself" is easier to stipulate than
> to adhere to when the tools can't give you a hint on who did the
> locking.  This is particularly true when "you" is a human, with human
> imperfect memory.
> 
> I understand that this locking can't provide complete protection, and
> merely aims to catch certain common accidents.
> 
> However, to avoid a false sense of security, its limitations need to be
> clearly documented.  This very much includes the rule "force-unlock only
> what you locked yourself".  In my opinion, it should also include the
> raciness.
> 
> Sometimes, solving a problem is easier than documenting it.

Maybe I'll just merge the migration fixes and shelve the rest of the
series until I'm bored enough to implement the "real thing" with an
incompatible feature flag, lock IDs with an autogenerated part and
another part from the user, saved host name and PID, and a qcow2 driver
that refuses to write anything to an image it doesn't hold the lock for
even in corner cases. For now, I've already used more time for this than
I intended (didn't expect all that live migration fun 

Re: [Qemu-devel] [PATCH v5 0/6] i386: expose floppy-related objects in SSDT

[Laszlo Ersek]

Hi Roman,

On 12/30/15 21:11, Roman Kagan wrote:
> Windows on UEFI systems is only capable of detecting the presence and
> the type of floppy drives via corresponding ACPI objects.

I'm late to the party, but please allow me a question:

how did you figure out that UEFI Windows requires this?

In general, what the ACPI specification says is at best a "guideline"
for Windows. So how did you prove this was a requirement for Windows?

Thanks
Laszlo

> 
> Those objects are added in patch 5; the preceding ones pave the way to
> it, by making the necessary data public and by moving the whole
> floppy drive controller description into runtime-generated SSDT.
> 
> Note that the series conflicts with Igor's patchset for dynamic DSDT, in
> particular, with "[PATCH v2 27/51] pc: acpi: move FDC0 device from DSDT
> to SSDT"; I haven't managed to avoid that while trying to meet
> maintainer's comments.
> 
> Roman Kagan (6):
>   i386/pc: expose identifying the floppy controller
>   i386/acpi: make floppy controller object dynamic
>   tests/acpi: update test data
>   expose floppy drive geometry and CMOS type
>   i386: populate floppy drive information in SSDT
>   tests/acpi: update test data
> 
> Signed-off-by: Roman Kagan 
> Cc: "Michael S. Tsirkin" 
> Cc: Eduardo Habkost 
> Cc: Igor Mammedov 
> Cc: John Snow 
> Cc: Kevin Wolf 
> Cc: Paolo Bonzini 
> Cc: Richard Henderson 
> Cc: qemu-bl...@nongnu.org
> Cc: qemu-sta...@nongnu.org
> ---
> changes since v4:
>  - re-split out code changes from test data updates
> 
> changes since v3:
>  - make FDC object fully dynamic in a separate patch
>  - split out support patches
>  - include test data updates with the respective patches to maintain
>bisectability
> 
> changes since v2:
>  - explicit endianness for buffer data
>  - reorder code to reduce conflicts with dynamic DSDT patchset
>  - update test data
> 
>  hw/block/fdc.c  |  11 +
>  hw/i386/acpi-build.c|  92 
> 
>  hw/i386/acpi-dsdt-isa.dsl   |  18 ---
>  hw/i386/acpi-dsdt.dsl   |   1 -
>  hw/i386/pc.c|  46 ++
>  hw/i386/q35-acpi-dsdt.dsl   |   7 +--
>  include/hw/block/fdc.h  |   2 +
>  include/hw/i386/pc.h|   3 ++
>  tests/acpi-test-data/pc/DSDT| Bin 3028 -> 2946 bytes
>  tests/acpi-test-data/pc/SSDT| Bin 2486 -> 2635 bytes
>  tests/acpi-test-data/pc/SSDT.bridge | Bin 4345 -> 4494 bytes
>  tests/acpi-test-data/q35/DSDT   | Bin 7666 -> 7578 bytes
>  12 files changed, 137 insertions(+), 43 deletions(-)
> 

[Qemu-devel] [PULL 3/9] s390x: remove s390-virtio devices

[Cornelia Huck]

From: Pierre Morel 

The s390-virtio machine has been removed; remove the associated devices
as well.

hw/s390x/s390-virtio-bus.c and hw/s390x/s390-virtio-bus.h
have been deleted and removed from hw/s390x/Makefile.objs

virtio-size has no more meaning for the modern machine
and has been removed from helper.c and cpu.h

virtio-serial-s390 belonging to the old machine is
being removed from vl.c

Signed-off-by: Pierre Morel 
Acked-by: Cornelia Huck 
Acked-by: Christian Borntraeger 
Signed-off-by: Cornelia Huck 
---
 hw/s390x/Makefile.objs |   2 +-
 hw/s390x/s390-virtio-bus.c | 758 -
 hw/s390x/s390-virtio-bus.h | 186 ---
 hw/s390x/s390-virtio.c |   1 -
 target-s390x/cpu.h |   3 -
 target-s390x/helper.c  |   2 +-
 vl.c   |   7 +-
 7 files changed, 3 insertions(+), 956 deletions(-)
 delete mode 100644 hw/s390x/s390-virtio-bus.c
 delete mode 100644 hw/s390x/s390-virtio-bus.h

diff --git a/hw/s390x/Makefile.objs b/hw/s390x/Makefile.objs
index 527d754..2203617 100644
--- a/hw/s390x/Makefile.objs
+++ b/hw/s390x/Makefile.objs
@@ -1,4 +1,4 @@
-obj-y = s390-virtio-bus.o s390-virtio.o
+obj-y += s390-virtio.o
 obj-y += s390-virtio-hcall.o
 obj-y += sclp.o
 obj-y += event-facility.o
diff --git a/hw/s390x/s390-virtio-bus.c b/hw/s390x/s390-virtio-bus.c
deleted file mode 100644
index 98cb129..000
--- a/hw/s390x/s390-virtio-bus.c
+++ /dev/null
@@ -1,758 +0,0 @@
-/*
- * QEMU S390 virtio target
- *
- * Copyright (c) 2009 Alexander Graf 
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, see .
- */
-
-#include "hw/hw.h"
-#include "sysemu/block-backend.h"
-#include "sysemu/sysemu.h"
-#include "hw/boards.h"
-#include "hw/loader.h"
-#include "elf.h"
-#include "hw/virtio/virtio.h"
-#include "hw/virtio/virtio-rng.h"
-#include "hw/virtio/virtio-serial.h"
-#include "hw/virtio/virtio-net.h"
-#include "hw/virtio/vhost-scsi.h"
-#include "hw/sysbus.h"
-#include "sysemu/kvm.h"
-
-#include "hw/s390x/s390-virtio-bus.h"
-#include "hw/virtio/virtio-bus.h"
-
-/* #define DEBUG_S390 */
-
-#ifdef DEBUG_S390
-#define DPRINTF(fmt, ...) \
-do { fprintf(stderr, fmt, ## __VA_ARGS__); } while (0)
-#else
-#define DPRINTF(fmt, ...) \
-do { } while (0)
-#endif
-
-#define VIRTIO_S390_QUEUE_MAX 64
-
-static void virtio_s390_bus_new(VirtioBusState *bus, size_t bus_size,
-VirtIOS390Device *dev);
-
-static const TypeInfo s390_virtio_bus_info = {
-.name = TYPE_S390_VIRTIO_BUS,
-.parent = TYPE_BUS,
-.instance_size = sizeof(VirtIOS390Bus),
-};
-
-static ram_addr_t s390_virtio_device_num_vq(VirtIOS390Device *dev);
-
-/* length of VirtIO device pages */
-const hwaddr virtio_size = S390_DEVICE_PAGES * TARGET_PAGE_SIZE;
-
-static void s390_virtio_bus_reset(void *opaque)
-{
-VirtIOS390Bus *bus = opaque;
-bus->next_ring = bus->dev_page + TARGET_PAGE_SIZE;
-}
-
-void s390_virtio_reset_idx(VirtIOS390Device *dev)
-{
-int i;
-hwaddr idx_addr;
-uint8_t num_vq;
-
-num_vq = s390_virtio_device_num_vq(dev);
-for (i = 0; i < num_vq; i++) {
-idx_addr = virtio_queue_get_avail_addr(dev->vdev, i) +
-VIRTIO_VRING_AVAIL_IDX_OFFS;
-address_space_stw(_space_memory, idx_addr, 0,
-  MEMTXATTRS_UNSPECIFIED, NULL);
-idx_addr = virtio_queue_get_avail_addr(dev->vdev, i) +
-virtio_queue_get_avail_size(dev->vdev, i);
-address_space_stw(_space_memory, idx_addr, 0,
-  MEMTXATTRS_UNSPECIFIED, NULL);
-idx_addr = virtio_queue_get_used_addr(dev->vdev, i) +
-VIRTIO_VRING_USED_IDX_OFFS;
-address_space_stw(_space_memory, idx_addr, 0,
-  MEMTXATTRS_UNSPECIFIED, NULL);
-idx_addr = virtio_queue_get_used_addr(dev->vdev, i) +
-virtio_queue_get_used_size(dev->vdev, i);
-address_space_stw(_space_memory, idx_addr, 0,
-  MEMTXATTRS_UNSPECIFIED, NULL);
-}
-}
-
-VirtIOS390Bus *s390_virtio_bus_init(ram_addr_t *ram_size)
-{
-VirtIOS390Bus *bus;
-BusState *_bus;
-DeviceState *dev;
-
-/* Create bridge device */
-dev = qdev_create(NULL, "s390-virtio-bridge");
-

[Qemu-devel] [PULL 1/9] s390x: add 2.6 compat machine

[Cornelia Huck]

New qemu version, new machine.

Acked-by: Christian Borntraeger 
Signed-off-by: Cornelia Huck 
---
 hw/s390x/s390-virtio-ccw.c | 18 --
 1 file changed, 16 insertions(+), 2 deletions(-)

diff --git a/hw/s390x/s390-virtio-ccw.c b/hw/s390x/s390-virtio-ccw.c
index 5a52ff2..8d7d04b 100644
--- a/hw/s390x/s390-virtio-ccw.c
+++ b/hw/s390x/s390-virtio-ccw.c
@@ -297,9 +297,7 @@ static void ccw_machine_2_5_class_init(ObjectClass *oc, 
void *data)
 {
 MachineClass *mc = MACHINE_CLASS(oc);
 
-mc->alias = "s390-ccw-virtio";
 mc->desc = "VirtIO-ccw based S390 machine v2.5";
-mc->is_default = 1;
 }
 
 static const TypeInfo ccw_machine_2_5_info = {
@@ -308,11 +306,27 @@ static const TypeInfo ccw_machine_2_5_info = {
 .class_init= ccw_machine_2_5_class_init,
 };
 
+static void ccw_machine_2_6_class_init(ObjectClass *oc, void *data)
+{
+MachineClass *mc = MACHINE_CLASS(oc);
+
+mc->alias = "s390-ccw-virtio";
+mc->desc = "VirtIO-ccw based S390 machine v2.6";
+mc->is_default = 1;
+}
+
+static const TypeInfo ccw_machine_2_6_info = {
+.name  = MACHINE_TYPE_NAME("s390-ccw-virtio-2.6"),
+.parent= TYPE_S390_CCW_MACHINE,
+.class_init= ccw_machine_2_6_class_init,
+};
+
 static void ccw_machine_register_types(void)
 {
 type_register_static(_machine_info);
 type_register_static(_machine_2_4_info);
 type_register_static(_machine_2_5_info);
+type_register_static(_machine_2_6_info);
 }
 
 type_init(ccw_machine_register_types)
-- 
2.7.0

[Qemu-devel] [PULL 5/9] s390x/pci: code cleanup

[Cornelia Huck]

From: Yi Min Zhao 

Make use of the new FH_ENABLED define in existing code.

Signed-off-by: Yi Min Zhao 
Reviewed-by: Cornelia Huck 
Signed-off-by: Cornelia Huck 
---
 hw/s390x/s390-pci-inst.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/hw/s390x/s390-pci-inst.c b/hw/s390x/s390-pci-inst.c
index df57a7d..d521b2b 100644
--- a/hw/s390x/s390-pci-inst.c
+++ b/hw/s390x/s390-pci-inst.c
@@ -208,12 +208,12 @@ int clp_service_call(S390CPU *cpu, uint8_t r2)
 
 switch (reqsetpci->oc) {
 case CLP_SET_ENABLE_PCI_FN:
-pbdev->fh = pbdev->fh | 1 << ENABLE_BIT_OFFSET;
+pbdev->fh = pbdev->fh | FH_ENABLED;
 stl_p(>fh, pbdev->fh);
 stw_p(>hdr.rsp, CLP_RC_OK);
 break;
 case CLP_SET_DISABLE_PCI_FN:
-pbdev->fh = pbdev->fh & ~(1 << ENABLE_BIT_OFFSET);
+pbdev->fh = pbdev->fh & ~FH_ENABLED;
 pbdev->error_state = false;
 pbdev->lgstg_blocked = false;
 stl_p(>fh, pbdev->fh);
@@ -818,7 +818,7 @@ int stpcifc_service_call(S390CPU *cpu, uint8_t r1, uint64_t 
fiba, uint8_t ar)
((uint32_t)pbdev->sum << 7) | pbdev->routes.adapter.summary_offset;
 stl_p(, data);
 
-if (pbdev->fh >> ENABLE_BIT_OFFSET) {
+if (pbdev->fh & FH_ENABLED) {
 fib.fc |= 0x80;
 }
 
-- 
2.7.0

Re: [Qemu-devel] [PATCH v2] ARM: Virt: Don't generate RTC ACPI device when using UEFI

[Laszlo Ersek]

On 01/13/16 15:54, Shannon Zhao wrote:
> When booting the VM with UEFI, UEFI takes ownership of the RTC hardware.
> While UEFI can use libfdt to disable the RTC device node in the DTB that
> it passes to the OS, it cannot modify AML. Therefore, we won't generate
> the RTC ACPI device at all when using UEFI.
> 
> Signed-off-by: Shannon Zhao 
> ---
> v2: just totally don't generate the RTC ACPI device when using UEFI
> ---
>  hw/arm/virt-acpi-build.c | 19 ---
>  1 file changed, 19 deletions(-)
> 
> diff --git a/hw/arm/virt-acpi-build.c b/hw/arm/virt-acpi-build.c
> index 0caf5ce..ac568a3 100644
> --- a/hw/arm/virt-acpi-build.c
> +++ b/hw/arm/virt-acpi-build.c
> @@ -94,23 +94,6 @@ static void acpi_dsdt_add_uart(Aml *scope, const 
> MemMapEntry *uart_memmap,
>  aml_append(scope, dev);
>  }
>  
> -static void acpi_dsdt_add_rtc(Aml *scope, const MemMapEntry *rtc_memmap,
> -  uint32_t rtc_irq)
> -{
> -Aml *dev = aml_device("RTC0");
> -aml_append(dev, aml_name_decl("_HID", aml_string("LNRO0013")));
> -aml_append(dev, aml_name_decl("_UID", aml_int(0)));
> -
> -Aml *crs = aml_resource_template();
> -aml_append(crs, aml_memory32_fixed(rtc_memmap->base,
> -   rtc_memmap->size, AML_READ_WRITE));
> -aml_append(crs,
> -   aml_interrupt(AML_CONSUMER, AML_LEVEL, AML_ACTIVE_HIGH,
> - AML_EXCLUSIVE, _irq, 1));
> -aml_append(dev, aml_name_decl("_CRS", crs));
> -aml_append(scope, dev);
> -}
> -
>  static void acpi_dsdt_add_flash(Aml *scope, const MemMapEntry *flash_memmap)
>  {
>  Aml *dev, *crs;
> @@ -575,8 +558,6 @@ build_dsdt(GArray *table_data, GArray *linker, 
> VirtGuestInfo *guest_info)
>  acpi_dsdt_add_cpus(scope, guest_info->smp_cpus);
>  acpi_dsdt_add_uart(scope, [VIRT_UART],
> (irqmap[VIRT_UART] + ARM_SPI_BASE));
> -acpi_dsdt_add_rtc(scope, [VIRT_RTC],
> -  (irqmap[VIRT_RTC] + ARM_SPI_BASE));
>  acpi_dsdt_add_flash(scope, [VIRT_FLASH]);
>  acpi_dsdt_add_virtio(scope, [VIRT_MMIO],
>  (irqmap[VIRT_MMIO] + ARM_SPI_BASE), 
> NUM_VIRTIO_TRANSPORTS);
> 

Reviewed-by: Laszlo Ersek 

[Qemu-devel] [PULL 9/9] s390x/pci: return real state during listing PCI

[Cornelia Huck]

From: Yi Min Zhao 

At present, list_pci() shows all PCI devices as being in configured
state. As devices can be deconfigured by the guest, we need to show
the real configuration status instead.

Signed-off-by: Yi Min Zhao 
Reviewed-by: Cornelia Huck 
Signed-off-by: Cornelia Huck 
---
 hw/s390x/s390-pci-inst.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/hw/s390x/s390-pci-inst.c b/hw/s390x/s390-pci-inst.c
index d521b2b..1a6a3e7 100644
--- a/hw/s390x/s390-pci-inst.c
+++ b/hw/s390x/s390-pci-inst.c
@@ -105,7 +105,8 @@ static int list_pci(ClpReqRspListPci *rrb, uint8_t *cc)
 pci_get_word(pbdev->pdev->config + PCI_DEVICE_ID));
 stw_p(>response.fh_list[idx - resume_token].vendor_id,
 pci_get_word(pbdev->pdev->config + PCI_VENDOR_ID));
-stl_p(>response.fh_list[idx - resume_token].config, 0x8000);
+stl_p(>response.fh_list[idx - resume_token].config,
+pbdev->configured << 31);
 stl_p(>response.fh_list[idx - resume_token].fid, pbdev->fid);
 stl_p(>response.fh_list[idx - resume_token].fh, pbdev->fh);
 
-- 
2.7.0

[Qemu-devel] [PATCH v3] xenfb.c: avoid expensive loops when prod <= out_cons

[Stefano Stabellini]

If the frontend sets out_cons to a value higher than out_prod, it will
cause xenfb_handle_events to loop about 2^32 times. Avoid that by using
better checks at the beginning of the function.

Signed-off-by: Stefano Stabellini 
Reported-by: Ling Liu 

---

Changes in v3:
- fix typo

---

diff --git a/hw/display/xenfb.c b/hw/display/xenfb.c
index 4e2a27a..594baff 100644
--- a/hw/display/xenfb.c
+++ b/hw/display/xenfb.c
@@ -789,8 +789,9 @@ static void xenfb_handle_events(struct XenFB *xenfb)
 
 prod = page->out_prod;
 out_cons = page->out_cons;
-if (prod == out_cons)
-   return;
+if (prod - out_cons >= XENFB_OUT_RING_LEN) {
+return;
+}
 xen_rmb(); /* ensure we see ring contents up to prod */
 for (cons = out_cons; cons != prod; cons++) {
union xenfb_out_event *event = _OUT_RING_REF(page, cons);

Re: [Qemu-devel] [RFC PATCH] vhost: fix lost interrupts from slow reacting back-end

[Victor Kaplansky]

On Tue, Jan 12, 2016 at 01:05:52PM +0100, Didier Pallard wrote:
> On 01/12/2016 09:26 AM, Victor Kaplansky wrote:
> >This RFC PATCH tries to solve the problem of lost interrupts
> >from a slow back-end. Didier could you test it?
> >
> >Thanks, Victor
> >
> >When interrupts are unmasked, it could take some undefined time
> >to the back-end to start routing events to guest_notifier. Till
> >that the events will continue flow to masked_notifier, and some
> >interrupts could be lost.
> >
> >This patch tries to handle the above situation by testing and
> >cleaning both masked_notifier and guest_notifier in
> >guest_notifier read handler.
> >
> >Signed-off-by: Victor Kaplansky 
> >---
> >  include/hw/virtio/virtio.h |  1 +
> >  hw/virtio/vhost.c  |  3 +++
> >  hw/virtio/virtio.c | 14 ++
> >  3 files changed, 18 insertions(+)
> >
> >diff --git a/include/hw/virtio/virtio.h b/include/hw/virtio/virtio.h
> >index 205fadf2..f52b0b6a 100644
> >--- a/include/hw/virtio/virtio.h
> >+++ b/include/hw/virtio/virtio.h
> >@@ -240,6 +240,7 @@ VirtQueue *virtio_get_queue(VirtIODevice *vdev, int n);
> >  uint16_t virtio_get_queue_index(VirtQueue *vq);
> >  int virtio_queue_get_id(VirtQueue *vq);
> >  EventNotifier *virtio_queue_get_guest_notifier(VirtQueue *vq);
> >+void virtio_queue_set_masked_guest_notifier(VirtQueue *vq, EventNotifier 
> >*n);
> >  void virtio_queue_set_guest_notifier_fd_handler(VirtQueue *vq, bool assign,
> >  bool with_irqfd);
> >  EventNotifier *virtio_queue_get_host_notifier(VirtQueue *vq);
> >diff --git a/hw/virtio/vhost.c b/hw/virtio/vhost.c
> >index de29968a..51ce1532 100644
> >--- a/hw/virtio/vhost.c
> >+++ b/hw/virtio/vhost.c
> >@@ -854,6 +854,9 @@ static int vhost_virtqueue_start(struct vhost_dev *dev,
> >  /* Clear and discard previous events if any. */
> >  event_notifier_test_and_clear(>masked_notifier);
> >+/* Set masked guest_notifier. */
> >+virtio_queue_set_masked_guest_notifier(vvq, >masked_notifier);
> >+
> >  return 0;
> >  fail_kick:
> >diff --git a/hw/virtio/virtio.c b/hw/virtio/virtio.c
> >index bd6b4df9..d9095c51 100644
> >--- a/hw/virtio/virtio.c
> >+++ b/hw/virtio/virtio.c
> >@@ -89,6 +89,7 @@ struct VirtQueue
> >  VirtIODevice *vdev;
> >  EventNotifier guest_notifier;
> >  EventNotifier host_notifier;
> >+EventNotifier *masked_guest_notifier;
> >  QLIST_ENTRY(VirtQueue) node;
> >  };
> >@@ -1622,6 +1623,14 @@ static void 
> >virtio_queue_guest_notifier_read(EventNotifier *n)
> >  if (event_notifier_test_and_clear(n)) {
> >  virtio_irq(vq);
> >  }
> >+/* It could take some time to the backend to switch to
> >+ * sending to unmasked evenfd, so we have to test masked
> >+ * notifier too. */
> >+if (vq->masked_guest_notifier) {
> >+if (event_notifier_test_and_clear(vq->masked_guest_notifier)) {
> >+virtio_irq(vq);
> >+}
> >+}
> >  }
> >  void virtio_queue_set_guest_notifier_fd_handler(VirtQueue *vq, bool assign,
> >@@ -1645,6 +1654,11 @@ EventNotifier 
> >*virtio_queue_get_guest_notifier(VirtQueue *vq)
> >  return >guest_notifier;
> >  }
> >+void virtio_queue_set_masked_guest_notifier(VirtQueue *vq, EventNotifier *n)
> >+{
> >+vq->masked_guest_notifier = n;
> >+}
> >+
> >  static void virtio_queue_host_notifier_read(EventNotifier *n)
> >  {
> >  VirtQueue *vq = container_of(n, VirtQueue, host_notifier);
> 
> Hi viktor,
> 
> i'm wondering how this patch works.
> virtio_queue_guest_notifier_read is only used in
> virtio_queue_set_guest_notifier_fd_handler.
> and it is only used if with_irq is not set:
> if (assign && !with_irqfd) {
> event_notifier_set_handler(>guest_notifier,
> virtio_queue_guest_notifier_read);
> } else {
> event_notifier_set_handler(>guest_notifier, NULL);
> }
> else null handler is set in guest_notifier.
> And from my understanding, virtio-pci in kvm mode uses irqfd, so when are
> we entering the virtio_queue_guest_notifier_read?
> did you also change the qemu configuration?
> 

Hmm, right. So, probably it would be better to take your version
of the fix as a temporarily solution which just disables the
ability to mask interrupts when virtio-net-pci is backed by
vhost-user.

> thanks
> didier
> 
> -- 
> Didier PALLARD
> 6WIND
> Software Engineer
> 
> Tel: +33 1 39 30 92 46
> Mob: +33 6 49 11 40 14
> Fax: +33 1 39 30 92 11
> didier.pall...@6wind.com
> www.6wind.com
> 
> 

Re: [Qemu-devel] usb-storage assertions

[Andrey Korolyov]

On Wed, Jan 13, 2016 at 7:13 PM, Gerd Hoffmann  wrote:
> On Di, 2016-01-12 at 14:56 +, Daniel P. Berrange wrote:
>> On Tue, Jan 12, 2016 at 03:36:40PM +0100, Kevin Wolf wrote:
>> > Am 12.01.2016 um 15:17 hat Gerd Hoffmann geschrieben:
>> > > On Sa, 2016-01-09 at 20:34 +0300, Andrey Korolyov wrote:
>> > > > Hello,
>> > > >
>> > > > during regular operations within linux guest with USB EHCI frontend I
>> > > > am seeing process crashes with an assert during regular operations
>> > > > like dpkg install:
>> > > >
>> > > > hw/usb/dev-storage.c:334: usb_msd_handle_reset: Assertion `s->req ==
>> > > > ((void *)0)' failed.
>
>> >   
>> > 1000
>> > 40
>> > 10
>> >   
>
>> Yes, that works with QEMU and will map through to the -drive I/O
>> tuning parameters.
>
> Works, successfully slowing down things to the point that a git clone of
> a linux kernel source tree from another machine in the same lan takes
> hours instead of minutes.
>
> That doesn't seem to be enough to trigger the asserts though :(
> Things are very slow but rock solid ...
>
> cheers,
>   Gerd
>

Gerd, could you please check against NetBSD/FreeBSD guest? Both of
them are complaining about interrupt storm upon last cleanups/syncs
before reboot when using USB frontend as a disk and second assert is
triggered very frequently. I`ll re-try with 2.5 in a couple of days
for both cases.

[Qemu-devel] [PATCH v2 0/9] block/qcow2: Migration handoff fixes and cleanups

[Kevin Wolf]

This is the non-controversal part of the qcow2 locking series, which just makes
the state of images with respect to live migration clearer and fixes a few bugs
we have in the handoff procedure and with writing the qcow2 feature table.

Kevin Wolf (9):
  qcow2: Write feature table only for v3 images
  qcow2: Write full header on image creation
  block: Assert no write requests under BDRV_O_INCOMING
  block: Fix error path in bdrv_invalidate_cache()
  block: Rename BDRV_O_INCOMING to BDRV_O_INACTIVE
  block: Inactivate BDS when migration completes
  qcow2: Implement .bdrv_inactivate
  qcow2: Fix BDRV_O_INACTIVE handling in qcow2_invalidate_cache()
  qcow2: Make image inaccessible after failed qcow2_invalidate_cache()

 block.c|  42 +++--
 block/io.c |   2 +
 block/qcow2.c  | 110 +++--
 block/qed.c|   4 +-
 include/block/block.h  |   3 +-
 include/block/block_int.h  |   1 +
 migration/migration.c  |   7 +++
 nbd.c  |   2 +-
 qmp.c  |  12 +
 tests/qemu-iotests/031.out |  17 +++
 tests/qemu-iotests/036 |   2 +
 tests/qemu-iotests/036.out |   5 +++
 tests/qemu-iotests/061.out |  35 ---
 13 files changed, 166 insertions(+), 76 deletions(-)

-- 
1.8.3.1

[Qemu-devel] [PATCH v2 4/9] block: Fix error path in bdrv_invalidate_cache()

[Kevin Wolf]

We can only clear BDRV_O_INCOMING if the caches were actually
invalidated.

Signed-off-by: Kevin Wolf 
Reviewed-by: Eric Blake 
---
 block.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/block.c b/block.c
index ef37d51..ee9d7ea 100644
--- a/block.c
+++ b/block.c
@@ -3276,12 +3276,14 @@ void bdrv_invalidate_cache(BlockDriverState *bs, Error 
**errp)
 bdrv_invalidate_cache(bs->file->bs, _err);
 }
 if (local_err) {
+bs->open_flags |= BDRV_O_INCOMING;
 error_propagate(errp, local_err);
 return;
 }
 
 ret = refresh_total_sectors(bs, bs->total_sectors);
 if (ret < 0) {
+bs->open_flags |= BDRV_O_INCOMING;
 error_setg_errno(errp, -ret, "Could not refresh total sector count");
 return;
 }
-- 
1.8.3.1

[Qemu-devel] [PATCH v2 2/9] qcow2: Write full header on image creation

[Kevin Wolf]

When creating a qcow2 image, we didn't necessarily call
qcow2_update_header(), but could end up with the basic header that
qcow2_create2() created manually. One thing that this basic header
lacks is the feature table. Let's make sure that it's always present.

This requires a few updates to test cases as well.

Signed-off-by: Kevin Wolf 
Reviewed-by: Eric Blake 
---
 block/qcow2.c  |  7 +++
 tests/qemu-iotests/031.out |  5 +
 tests/qemu-iotests/036 |  2 ++
 tests/qemu-iotests/036.out |  5 +
 tests/qemu-iotests/061.out | 20 
 5 files changed, 39 insertions(+)

diff --git a/block/qcow2.c b/block/qcow2.c
index 5f22e18..01f1fe3 100644
--- a/block/qcow2.c
+++ b/block/qcow2.c
@@ -2239,6 +2239,13 @@ static int qcow2_create2(const char *filename, int64_t 
total_size,
 abort();
 }
 
+/* Create a full header (including things like feature table) */
+ret = qcow2_update_header(bs);
+if (ret < 0) {
+error_setg_errno(errp, -ret, "Could not update qcow2 header");
+goto out;
+}
+
 /* Okay, now that we have a valid image, let's give it the right size */
 ret = bdrv_truncate(bs, total_size);
 if (ret < 0) {
diff --git a/tests/qemu-iotests/031.out b/tests/qemu-iotests/031.out
index f065404..7f5050b 100644
--- a/tests/qemu-iotests/031.out
+++ b/tests/qemu-iotests/031.out
@@ -116,6 +116,11 @@ refcount_order4
 header_length 104
 
 Header extension:
+magic 0x6803f857
+length144
+data  
+
+Header extension:
 magic 0x12345678
 length31
 data  'This is a test header extension'
diff --git a/tests/qemu-iotests/036 b/tests/qemu-iotests/036
index 392f1ef..c4cc91b 100755
--- a/tests/qemu-iotests/036
+++ b/tests/qemu-iotests/036
@@ -57,6 +57,7 @@ _make_test_img 64M
 $PYTHON qcow2.py "$TEST_IMG" set-feature-bit incompatible 63
 
 # Without feature table
+$PYTHON qcow2.py "$TEST_IMG" del-header-ext 0x6803f857
 $PYTHON qcow2.py "$TEST_IMG" dump-header
 _img_info
 
@@ -73,6 +74,7 @@ $PYTHON qcow2.py "$TEST_IMG" set-feature-bit incompatible 62
 $PYTHON qcow2.py "$TEST_IMG" set-feature-bit incompatible 63
 
 # Without feature table
+$PYTHON qcow2.py "$TEST_IMG" del-header-ext 0x6803f857
 _img_info
 
 # With feature table containing bit 63
diff --git a/tests/qemu-iotests/036.out b/tests/qemu-iotests/036.out
index 5616e37..f443635 100644
--- a/tests/qemu-iotests/036.out
+++ b/tests/qemu-iotests/036.out
@@ -56,6 +56,11 @@ autoclear_features0x8000
 refcount_order4
 header_length 104
 
+Header extension:
+magic 0x6803f857
+length144
+data  
+
 
 === Repair image ===
 
diff --git a/tests/qemu-iotests/061.out b/tests/qemu-iotests/061.out
index d604682..a03732e 100644
--- a/tests/qemu-iotests/061.out
+++ b/tests/qemu-iotests/061.out
@@ -24,6 +24,11 @@ autoclear_features0x0
 refcount_order4
 header_length 104
 
+Header extension:
+magic 0x6803f857
+length144
+data  
+
 magic 0x514649fb
 version   2
 backing_file_offset   0x0
@@ -76,6 +81,11 @@ autoclear_features0x0
 refcount_order4
 header_length 104
 
+Header extension:
+magic 0x6803f857
+length144
+data  
+
 ERROR cluster 5 refcount=0 reference=1
 ERROR cluster 6 refcount=0 reference=1
 Rebuilding refcount structure
@@ -126,6 +136,11 @@ autoclear_features0x400
 refcount_order4
 header_length 104
 
+Header extension:
+magic 0x6803f857
+length144
+data  
+
 magic 0x514649fb
 version   2
 backing_file_offset   0x0
@@ -228,6 +243,11 @@ autoclear_features0x0
 refcount_order4
 header_length 104
 
+Header extension:
+magic 0x6803f857
+length144
+data  
+
 ERROR cluster 5 refcount=0 reference=1
 ERROR cluster 6 refcount=0 reference=1
 Rebuilding refcount structure
-- 
1.8.3.1

[Qemu-devel] [PATCH v2 7/9] qcow2: Implement .bdrv_inactivate

[Kevin Wolf]

The callback has to ensure that closing or flushing the image afterwards
wouldn't cause a write access to the image files. This means that just
the caches have to be written out, which is part of the existing
.bdrv_close implementation.

Signed-off-by: Kevin Wolf 
Reviewed-by: Eric Blake 
---
 block/qcow2.c | 45 -
 1 file changed, 28 insertions(+), 17 deletions(-)

diff --git a/block/qcow2.c b/block/qcow2.c
index 9e4abf3..519e2ae 100644
--- a/block/qcow2.c
+++ b/block/qcow2.c
@@ -1685,6 +1685,32 @@ fail:
 return ret;
 }
 
+static int qcow2_inactivate(BlockDriverState *bs)
+{
+BDRVQcow2State *s = bs->opaque;
+int ret, result = 0;
+
+ret = qcow2_cache_flush(bs, s->l2_table_cache);
+if (ret) {
+result = ret;
+error_report("Failed to flush the L2 table cache: %s",
+ strerror(-ret));
+}
+
+ret = qcow2_cache_flush(bs, s->refcount_block_cache);
+if (ret) {
+result = ret;
+error_report("Failed to flush the refcount block cache: %s",
+ strerror(-ret));
+}
+
+if (result == 0) {
+qcow2_mark_clean(bs);
+}
+
+return result;
+}
+
 static void qcow2_close(BlockDriverState *bs)
 {
 BDRVQcow2State *s = bs->opaque;
@@ -1693,23 +1719,7 @@ static void qcow2_close(BlockDriverState *bs)
 s->l1_table = NULL;
 
 if (!(bs->open_flags & BDRV_O_INACTIVE)) {
-int ret1, ret2;
-
-ret1 = qcow2_cache_flush(bs, s->l2_table_cache);
-ret2 = qcow2_cache_flush(bs, s->refcount_block_cache);
-
-if (ret1) {
-error_report("Failed to flush the L2 table cache: %s",
- strerror(-ret1));
-}
-if (ret2) {
-error_report("Failed to flush the refcount block cache: %s",
- strerror(-ret2));
-}
-
-if (!ret1 && !ret2) {
-qcow2_mark_clean(bs);
-}
+qcow2_inactivate(bs);
 }
 
 cache_clean_timer_del(bs);
@@ -3340,6 +3350,7 @@ BlockDriver bdrv_qcow2 = {
 
 .bdrv_refresh_limits= qcow2_refresh_limits,
 .bdrv_invalidate_cache  = qcow2_invalidate_cache,
+.bdrv_inactivate= qcow2_inactivate,
 
 .create_opts = _create_opts,
 .bdrv_check  = qcow2_check,
-- 
1.8.3.1

[Qemu-devel] [PATCH v2 3/9] block: Assert no write requests under BDRV_O_INCOMING

[Kevin Wolf]

As long as BDRV_O_INCOMING is set, the image file is only opened so we
have a file descriptor for it. We're definitely not supposed to modify
the image, it's still owned by the migration source.

Signed-off-by: Kevin Wolf 
Reviewed-by: Eric Blake 
---
 block/io.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/block/io.c b/block/io.c
index 63e3678..2f19f61 100644
--- a/block/io.c
+++ b/block/io.c
@@ -1300,6 +1300,7 @@ static int coroutine_fn 
bdrv_co_do_pwritev(BlockDriverState *bs,
 if (bs->read_only) {
 return -EPERM;
 }
+assert(!(bs->open_flags & BDRV_O_INCOMING));
 
 ret = bdrv_check_byte_request(bs, offset, bytes);
 if (ret < 0) {
@@ -2461,6 +2462,7 @@ int coroutine_fn bdrv_co_discard(BlockDriverState *bs, 
int64_t sector_num,
 } else if (bs->read_only) {
 return -EPERM;
 }
+assert(!(bs->open_flags & BDRV_O_INCOMING));
 
 /* Do nothing if disabled.  */
 if (!(bs->open_flags & BDRV_O_UNMAP)) {
-- 
1.8.3.1

[Qemu-devel] Question regarding self-modifying code.

[farmdve]

On Windows, in software MMU mode, how does QEMU handle self-modifying code?

Thank you.

Re: [Qemu-devel] [PATCH v2 5/9] block: Rename BDRV_O_INCOMING to BDRV_O_INACTIVE

[Eric Blake]

On 01/13/2016 09:37 AM, Kevin Wolf wrote:
> Instead of covering only the state of images on the migration
> destination before the migration is completed, the flag will also cover
> the state of images on the migration source after completion. This
> common state implies that the image is technically still open, but no
> writes will happen and any cached contents will be reloaded from disk if
> and when the image leaves this state.
> 
> Signed-off-by: Kevin Wolf 
> ---
>  block.c   | 10 +-
>  block/io.c|  4 ++--
>  block/qcow2.c |  6 +++---
>  block/qed.c   |  4 ++--
>  include/block/block.h |  2 +-
>  nbd.c |  2 +-
>  6 files changed, 14 insertions(+), 14 deletions(-)
> 

Reviewed-by: Eric Blake 

-- 
Eric Blake   eblake redhat com+1-919-301-3266
Libvirt virtualization library http://libvirt.org



signature.asc
Description: OpenPGP digital signature

Re: [Qemu-devel] Question regarding self-modifying code.

[Peter Maydell]

On 13 January 2016 at 16:45, farmdve  wrote:
> On Windows, in software MMU mode, how does QEMU handle
> self-modifying code?

When we translate the guest code in a page of guest
memory, we mark that page as "not dirty for code" by
calling tlb_protect_code(), which clears a DIRTY_MEMORY_CODE
bit and also ensures that subsequent guest writes to
this page will take a slow code path. On that slow code
path (in notdirty_mem_write()) we check to see if the
DIRTY_MEMORY_CODE flag is clear for this page, and if
it is then we throw away the translated code by
calling tb_invalidate_phys_page_fast(). If the guest
later tries to execute from the page again, we will
translate the guest code again (and so will use the
freshly modified code).

There is some slight extra complication for CPUs which
can validly modify the code they're executing (ie
which don't need any kind of "flush cache/pipeline"
or a branch between the store which modifies the
code and the execution of the modified code). You
can find those by looking at the changes controlled
by the TARGET_HAS_PRECISE_SMC #define, which we only
need for x86 guests at the moment. (For CPUs which don't
set that, attempting to self-modify code in the same
TB won't work, which is OK because architecturally
that doesn't work on hardware either.)

thanks
-- PMM

[Qemu-devel] [PATCH v2 5/9] block: Rename BDRV_O_INCOMING to BDRV_O_INACTIVE

[Kevin Wolf]

Instead of covering only the state of images on the migration
destination before the migration is completed, the flag will also cover
the state of images on the migration source after completion. This
common state implies that the image is technically still open, but no
writes will happen and any cached contents will be reloaded from disk if
and when the image leaves this state.

Signed-off-by: Kevin Wolf 
---
 block.c   | 10 +-
 block/io.c|  4 ++--
 block/qcow2.c |  6 +++---
 block/qed.c   |  4 ++--
 include/block/block.h |  2 +-
 nbd.c |  2 +-
 6 files changed, 14 insertions(+), 14 deletions(-)

diff --git a/block.c b/block.c
index ee9d7ea..7fbf74d 100644
--- a/block.c
+++ b/block.c
@@ -1191,7 +1191,7 @@ static int bdrv_fill_options(QDict **options, const char 
*filename,
 }
 
 if (runstate_check(RUN_STATE_INMIGRATE)) {
-*flags |= BDRV_O_INCOMING;
+*flags |= BDRV_O_INACTIVE;
 }
 
 return 0;
@@ -3265,10 +3265,10 @@ void bdrv_invalidate_cache(BlockDriverState *bs, Error 
**errp)
 return;
 }
 
-if (!(bs->open_flags & BDRV_O_INCOMING)) {
+if (!(bs->open_flags & BDRV_O_INACTIVE)) {
 return;
 }
-bs->open_flags &= ~BDRV_O_INCOMING;
+bs->open_flags &= ~BDRV_O_INACTIVE;
 
 if (bs->drv->bdrv_invalidate_cache) {
 bs->drv->bdrv_invalidate_cache(bs, _err);
@@ -3276,14 +3276,14 @@ void bdrv_invalidate_cache(BlockDriverState *bs, Error 
**errp)
 bdrv_invalidate_cache(bs->file->bs, _err);
 }
 if (local_err) {
-bs->open_flags |= BDRV_O_INCOMING;
+bs->open_flags |= BDRV_O_INACTIVE;
 error_propagate(errp, local_err);
 return;
 }
 
 ret = refresh_total_sectors(bs, bs->total_sectors);
 if (ret < 0) {
-bs->open_flags |= BDRV_O_INCOMING;
+bs->open_flags |= BDRV_O_INACTIVE;
 error_setg_errno(errp, -ret, "Could not refresh total sector count");
 return;
 }
diff --git a/block/io.c b/block/io.c
index 2f19f61..0129456 100644
--- a/block/io.c
+++ b/block/io.c
@@ -1300,7 +1300,7 @@ static int coroutine_fn 
bdrv_co_do_pwritev(BlockDriverState *bs,
 if (bs->read_only) {
 return -EPERM;
 }
-assert(!(bs->open_flags & BDRV_O_INCOMING));
+assert(!(bs->open_flags & BDRV_O_INACTIVE));
 
 ret = bdrv_check_byte_request(bs, offset, bytes);
 if (ret < 0) {
@@ -2462,7 +2462,7 @@ int coroutine_fn bdrv_co_discard(BlockDriverState *bs, 
int64_t sector_num,
 } else if (bs->read_only) {
 return -EPERM;
 }
-assert(!(bs->open_flags & BDRV_O_INCOMING));
+assert(!(bs->open_flags & BDRV_O_INACTIVE));
 
 /* Do nothing if disabled.  */
 if (!(bs->open_flags & BDRV_O_UNMAP)) {
diff --git a/block/qcow2.c b/block/qcow2.c
index 01f1fe3..9e4abf3 100644
--- a/block/qcow2.c
+++ b/block/qcow2.c
@@ -1140,7 +1140,7 @@ static int qcow2_open(BlockDriverState *bs, QDict 
*options, int flags,
 }
 
 /* Clear unknown autoclear feature bits */
-if (!bs->read_only && !(flags & BDRV_O_INCOMING) && s->autoclear_features) 
{
+if (!bs->read_only && !(flags & BDRV_O_INACTIVE) && s->autoclear_features) 
{
 s->autoclear_features = 0;
 ret = qcow2_update_header(bs);
 if (ret < 0) {
@@ -1153,7 +1153,7 @@ static int qcow2_open(BlockDriverState *bs, QDict 
*options, int flags,
 qemu_co_mutex_init(>lock);
 
 /* Repair image if dirty */
-if (!(flags & (BDRV_O_CHECK | BDRV_O_INCOMING)) && !bs->read_only &&
+if (!(flags & (BDRV_O_CHECK | BDRV_O_INACTIVE)) && !bs->read_only &&
 (s->incompatible_features & QCOW2_INCOMPAT_DIRTY)) {
 BdrvCheckResult result = {0};
 
@@ -1692,7 +1692,7 @@ static void qcow2_close(BlockDriverState *bs)
 /* else pre-write overlap checks in cache_destroy may crash */
 s->l1_table = NULL;
 
-if (!(bs->open_flags & BDRV_O_INCOMING)) {
+if (!(bs->open_flags & BDRV_O_INACTIVE)) {
 int ret1, ret2;
 
 ret1 = qcow2_cache_flush(bs, s->l2_table_cache);
diff --git a/block/qed.c b/block/qed.c
index 9b88895..63185b5 100644
--- a/block/qed.c
+++ b/block/qed.c
@@ -477,7 +477,7 @@ static int bdrv_qed_open(BlockDriverState *bs, QDict 
*options, int flags,
  * feature is no longer valid.
  */
 if ((s->header.autoclear_features & ~QED_AUTOCLEAR_FEATURE_MASK) != 0 &&
-!bdrv_is_read_only(bs->file->bs) && !(flags & BDRV_O_INCOMING)) {
+!bdrv_is_read_only(bs->file->bs) && !(flags & BDRV_O_INACTIVE)) {
 s->header.autoclear_features &= QED_AUTOCLEAR_FEATURE_MASK;
 
 ret = qed_write_header_sync(s);
@@ -505,7 +505,7 @@ static int bdrv_qed_open(BlockDriverState *bs, QDict 
*options, int flags,
  * aid data recovery from an otherwise inconsistent image.
  */
 if (!bdrv_is_read_only(bs->file->bs) &&
-!(flags & BDRV_O_INCOMING)) {
+!(flags & BDRV_O_INACTIVE)) {
 

Re: [Qemu-devel] [RFC PATCH] vhost: fix lost interrupts from slow reacting back-end

[Didier Pallard]

On 01/13/2016 04:32 PM, Victor Kaplansky wrote:

On Tue, Jan 12, 2016 at 01:05:52PM +0100, Didier Pallard wrote:

On 01/12/2016 09:26 AM, Victor Kaplansky wrote:

This RFC PATCH tries to solve the problem of lost interrupts

>from a slow back-end. Didier could you test it?

Thanks, Victor

When interrupts are unmasked, it could take some undefined time
to the back-end to start routing events to guest_notifier. Till
that the events will continue flow to masked_notifier, and some
interrupts could be lost.

This patch tries to handle the above situation by testing and
cleaning both masked_notifier and guest_notifier in
guest_notifier read handler.

Signed-off-by: Victor Kaplansky 
---
  include/hw/virtio/virtio.h |  1 +
  hw/virtio/vhost.c  |  3 +++
  hw/virtio/virtio.c | 14 ++
  3 files changed, 18 insertions(+)

diff --git a/include/hw/virtio/virtio.h b/include/hw/virtio/virtio.h
index 205fadf2..f52b0b6a 100644
--- a/include/hw/virtio/virtio.h
+++ b/include/hw/virtio/virtio.h
@@ -240,6 +240,7 @@ VirtQueue *virtio_get_queue(VirtIODevice *vdev, int n);
  uint16_t virtio_get_queue_index(VirtQueue *vq);
  int virtio_queue_get_id(VirtQueue *vq);
  EventNotifier *virtio_queue_get_guest_notifier(VirtQueue *vq);
+void virtio_queue_set_masked_guest_notifier(VirtQueue *vq, EventNotifier *n);
  void virtio_queue_set_guest_notifier_fd_handler(VirtQueue *vq, bool assign,
  bool with_irqfd);
  EventNotifier *virtio_queue_get_host_notifier(VirtQueue *vq);
diff --git a/hw/virtio/vhost.c b/hw/virtio/vhost.c
index de29968a..51ce1532 100644
--- a/hw/virtio/vhost.c
+++ b/hw/virtio/vhost.c
@@ -854,6 +854,9 @@ static int vhost_virtqueue_start(struct vhost_dev *dev,
  /* Clear and discard previous events if any. */
  event_notifier_test_and_clear(>masked_notifier);
+/* Set masked guest_notifier. */
+virtio_queue_set_masked_guest_notifier(vvq, >masked_notifier);
+
  return 0;
  fail_kick:
diff --git a/hw/virtio/virtio.c b/hw/virtio/virtio.c
index bd6b4df9..d9095c51 100644
--- a/hw/virtio/virtio.c
+++ b/hw/virtio/virtio.c
@@ -89,6 +89,7 @@ struct VirtQueue
  VirtIODevice *vdev;
  EventNotifier guest_notifier;
  EventNotifier host_notifier;
+EventNotifier *masked_guest_notifier;
  QLIST_ENTRY(VirtQueue) node;
  };
@@ -1622,6 +1623,14 @@ static void 
virtio_queue_guest_notifier_read(EventNotifier *n)
  if (event_notifier_test_and_clear(n)) {
  virtio_irq(vq);
  }
+/* It could take some time to the backend to switch to
+ * sending to unmasked evenfd, so we have to test masked
+ * notifier too. */
+if (vq->masked_guest_notifier) {
+if (event_notifier_test_and_clear(vq->masked_guest_notifier)) {
+virtio_irq(vq);
+}
+}
  }
  void virtio_queue_set_guest_notifier_fd_handler(VirtQueue *vq, bool assign,
@@ -1645,6 +1654,11 @@ EventNotifier *virtio_queue_get_guest_notifier(VirtQueue 
*vq)
  return >guest_notifier;
  }
+void virtio_queue_set_masked_guest_notifier(VirtQueue *vq, EventNotifier *n)
+{
+vq->masked_guest_notifier = n;
+}
+
  static void virtio_queue_host_notifier_read(EventNotifier *n)
  {
  VirtQueue *vq = container_of(n, VirtQueue, host_notifier);

Hi viktor,

i'm wondering how this patch works.
virtio_queue_guest_notifier_read is only used in
virtio_queue_set_guest_notifier_fd_handler.
and it is only used if with_irq is not set:
 if (assign && !with_irqfd) {
 event_notifier_set_handler(>guest_notifier,
virtio_queue_guest_notifier_read);
 } else {
 event_notifier_set_handler(>guest_notifier, NULL);
 }
else null handler is set in guest_notifier.
And from my understanding, virtio-pci in kvm mode uses irqfd, so when are
we entering the virtio_queue_guest_notifier_read?
did you also change the qemu configuration?


Hmm, right. So, probably it would be better to take your version
of the fix as a temporarily solution which just disables the
ability to mask interrupts when virtio-net-pci is backed by
vhost-user.




Well, it does not completely disable the ability to mask interrupts:
interrupt masking is directly done by qemu (that set/unset eventfd
in kvm to unmask/mask interrupts) rather than by vhost-user backend.
This allows to be sure that interrupts are correctly masked[unmasked] on 
return

of virtio_pci_vq_vector_mask[unmask] function, (which is not the case when a
message is sent through the vhost-user linux socket)
but my patch was only tested with a single platform configuration. I 
don't know

if it behaves well with non pci buses, for example.


--
Didier PALLARD
6WIND
Software Engineer

Tel: +33 1 39 30 92 46
Mob: +33 6 49 11 40 14
Fax: +33 1 39 30 92 11
didier.pall...@6wind.com
www.6wind.com

Re: [Qemu-devel] [Qemu-block] [PATCH 05/10] block: Inactivate BDS when migration completes

[Eric Blake]

On 01/13/2016 07:25 AM, Kevin Wolf wrote:

>>> The name BDRV_O_INCOMING now doesn't quite match semantics on the
>>> source, but I don't have any better suggestions.  BDRV_O_LIMITED_USE?
>>> BDRV_O_HANDOFF?  At any rate, I fully agree with your logic of locking
>>> things down on the source to mark that the destination is about to take
>>> over write access to the file.
>>>
>>
>> INCOMING is handy as it keeps the code simple, even if it's weird to
>> read. Is it worth adding the extra ifs/case statements everywhere to add
>> in BDRV_O_HANDOFF? Maybe in the future someone will use BDRV_O_INCOMING
>> to mean something more specific (data is incoming, not just in the
>> process of being handed off) that could cause problems.
>>
>> Maybe even just renaming BDRV_O_INCOMING right now to be BDRV_O_HANDOFF
>> would accomplish the semantics we want on both source and destination
>> without needing two flags.
>>
>> Follow your dreams, Go with what you feel.
> 
> How about renaming BDRV_O_INCOMING to BDRV_O_INACTIVE?

BDRV_O_INACTIVE works for me.  Do the rename as a separate mechanical
patch, obviously.

-- 
Eric Blake   eblake redhat com+1-919-301-3266
Libvirt virtualization library http://libvirt.org



signature.asc
Description: OpenPGP digital signature

[Qemu-devel] [PATCH v2 1/9] qcow2: Write feature table only for v3 images

[Kevin Wolf]

Version 2 images don't have feature bits, so writing a feature table to
those images is kind of pointless.

Signed-off-by: Kevin Wolf 
Reviewed-by: Eric Blake 
---
 block/qcow2.c  | 48 --
 tests/qemu-iotests/031.out | 12 +---
 tests/qemu-iotests/061.out | 15 ---
 3 files changed, 26 insertions(+), 49 deletions(-)

diff --git a/block/qcow2.c b/block/qcow2.c
index 1789af4..5f22e18 100644
--- a/block/qcow2.c
+++ b/block/qcow2.c
@@ -1895,31 +1895,33 @@ int qcow2_update_header(BlockDriverState *bs)
 }
 
 /* Feature table */
-Qcow2Feature features[] = {
-{
-.type = QCOW2_FEAT_TYPE_INCOMPATIBLE,
-.bit  = QCOW2_INCOMPAT_DIRTY_BITNR,
-.name = "dirty bit",
-},
-{
-.type = QCOW2_FEAT_TYPE_INCOMPATIBLE,
-.bit  = QCOW2_INCOMPAT_CORRUPT_BITNR,
-.name = "corrupt bit",
-},
-{
-.type = QCOW2_FEAT_TYPE_COMPATIBLE,
-.bit  = QCOW2_COMPAT_LAZY_REFCOUNTS_BITNR,
-.name = "lazy refcounts",
-},
-};
+if (s->qcow_version >= 3) {
+Qcow2Feature features[] = {
+{
+.type = QCOW2_FEAT_TYPE_INCOMPATIBLE,
+.bit  = QCOW2_INCOMPAT_DIRTY_BITNR,
+.name = "dirty bit",
+},
+{
+.type = QCOW2_FEAT_TYPE_INCOMPATIBLE,
+.bit  = QCOW2_INCOMPAT_CORRUPT_BITNR,
+.name = "corrupt bit",
+},
+{
+.type = QCOW2_FEAT_TYPE_COMPATIBLE,
+.bit  = QCOW2_COMPAT_LAZY_REFCOUNTS_BITNR,
+.name = "lazy refcounts",
+},
+};
 
-ret = header_ext_add(buf, QCOW2_EXT_MAGIC_FEATURE_TABLE,
- features, sizeof(features), buflen);
-if (ret < 0) {
-goto fail;
+ret = header_ext_add(buf, QCOW2_EXT_MAGIC_FEATURE_TABLE,
+ features, sizeof(features), buflen);
+if (ret < 0) {
+goto fail;
+}
+buf += ret;
+buflen -= ret;
 }
-buf += ret;
-buflen -= ret;
 
 /* Keep unknown header extensions */
 QLIST_FOREACH(uext, >unknown_header_ext, next) {
diff --git a/tests/qemu-iotests/031.out b/tests/qemu-iotests/031.out
index fce3ce0..f065404 100644
--- a/tests/qemu-iotests/031.out
+++ b/tests/qemu-iotests/031.out
@@ -53,11 +53,6 @@ refcount_order4
 header_length 72
 
 Header extension:
-magic 0x6803f857
-length144
-data  
-
-Header extension:
 magic 0x12345678
 length31
 data  'This is a test header extension'
@@ -68,7 +63,7 @@ No errors were found on the image.
 
 magic 0x514649fb
 version   2
-backing_file_offset   0x128
+backing_file_offset   0x90
 backing_file_size 0x17
 cluster_bits  16
 size  67108864
@@ -91,11 +86,6 @@ length11
 data  'host_device'
 
 Header extension:
-magic 0x6803f857
-length144
-data  
-
-Header extension:
 magic 0x12345678
 length31
 data  'This is a test header extension'
diff --git a/tests/qemu-iotests/061.out b/tests/qemu-iotests/061.out
index 57aae28..d604682 100644
--- a/tests/qemu-iotests/061.out
+++ b/tests/qemu-iotests/061.out
@@ -43,11 +43,6 @@ autoclear_features0x0
 refcount_order4
 header_length 72
 
-Header extension:
-magic 0x6803f857
-length144
-data  
-
 read 131072/131072 bytes at offset 0
 128 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
 No errors were found on the image.
@@ -105,11 +100,6 @@ autoclear_features0x0
 refcount_order4
 header_length 72
 
-Header extension:
-magic 0x6803f857
-length144
-data  
-
 read 131072/131072 bytes at offset 0
 128 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
 No errors were found on the image.
@@ -155,11 +145,6 @@ autoclear_features0x0
 refcount_order4
 header_length 72
 
-Header extension:
-magic 0x6803f857
-length144
-data  
-
 No errors were found on the image.
 
 === Testing version upgrade and resize ===
-- 
1.8.3.1